I am new to TCG. My understanding is that in SRTM BIOS itself is assumed to be trustable. It’s not measured on a PC client during the boot since it’s the first one being loaded and executed. But it forms the basis of chain of trustable measurements. Is this correct?
What if my BIOS can’t be trusted? Can I still do remote attestation of the PC client booted this way?