Hello Kyle,
1) The terminal must have its own keypair (in AD, it's a preshared machine password hash) which must be used to authenticate the terminal.
In this example, are you referring to platform authentication or to an attestation of the software stack loaded on the platform? What I mean by "platform attestation" is that a host can attestate the software components loaded on it to a remote host during a network connection. If the remote host deems the loaded software components as untrusted (e.g. a crypto library with a known bug in it), it can refuse or otherwise restrict the connection. I hope ther was no misunderstanding. We are not really authenicating the platform due to privacy reasons. Instead, the user is issued a attestation identity key and certificate from a privacy CA. The client sends the AIK certificate with the attestation quote, and the server uses tht certificate to verify the quote signature. The user can even have multiple attestation identities and choose which one to use. Since privacy CAs can bind an AIK certificate to a TPM-enabled platform, they could compromise the client's privacy. Hence,the TPM 1.2standard uses zero-knowledge proofs instead of AIK cetificates. Correct me if I am wrong, but it seems like we are talking about different things. I am personally not familiar with the MS Active Directory.
The concept of platform attestation is flawed at its base (you can make any hardware tamper-resistant, but if someone knows how it's put together the tamper-resistance can ALWAYS be bypassed -- that's why it's called tamper-resistant, and not tamper-proof). Things can be made "tamper-evident", but that relies on the capability of physically inspecting the machine (tamper-evident tape, for example, that looks solid but has 'VOID' unattached to the plastic backing).
You have a point here. Right now IBM Thinkpads have the TPM chips on the methorboard. I'm sure we will see improvements here if TPMs become more widespread. IMHO, having the tamper-resistant TPM chip and its functionality still gives us more than we had before.
As for Firefox, the only thing which can be used via JavaScript is signtext. If there were a crypto object in the DOM which could support more than just signtext, it would be quite nice -- but there isn't one as far as I've been able to tell. (I have not looked that closely, however.)
I'm surprised. Are there any plans to export more of the functionality through the PSM module or in any other way? Regards, Peter _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
