Trusted Boot in Fedora

R P Herrold herrold at
Tue Jun 28 22:09:40 UTC 2011

On Tue, 28 Jun 2011, Przemek Klosowski wrote:

> the processor serial number (PSN) wasn't shut down---every post-PIII CPU
> has it. The access is often disabled by the BIOS, but it's there:
> I think that TPC requires that PSN are enabled, but I can't think of why.

probably to provide a unique serial number to use as part of 
the TPM attestation private key generation, to ensure 
uniqueness and to prevent a replay type attack

-- Russ herrold

More information about the devel mailing list