> ----- Message from "Li, David" <LiD@cloudshield.com> on Thu, 8 Sep 2011 17:15:40 -0700 -----
>
> [Trusted-computing] A Question on EK
>
> We are supposed to trust the CA that issues the EK certificate. The
> chain of trust from this point on allows creation of other keys for
> signing and storage. But what if we are not sure if the CA for the
> EK is 100% trustable given that the TPM vendor is not totally
> trustable? Is there any way to trust all the latter key creations?
>
> The spec says users can create their own EK and use their own CA to
> certify it. Can this approach solve the above problem?

In my opinion, if you can't trust the TPM hardware (or software in a virtual TPM), the game is over.

Some TPMs might allow external creation of an EK, but it's vendor-specific. Others may allow you to run a command and have the TPM generate an EK.

However, you don't gain any security by putting a very strong key into weak hardware. Similarly, it doesn't help to certify a weak key with a strong CA.