Intel to include DRM in new Pentium 4 series processors

Brian Gladman Brian Gladman" <brg at gladman.plus.com
Thu, 12 Sep 2002 21:51:44 +0800 

----- Original Message -----
From: "Nicholas Bohm" <nbohm@ernest.net>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Thursday, September 12, 2002 8:40 PM
Subject: Re: Intel to include DRM in new Pentium 4 series processors


> At 19:40 12/09/2002 +0800, Brian Gladman wrote:
>
> >Over the last two years I have been briefed in detail on TCPA
developments
> >and also briefed in detail (under Non Disclosure Agreements) on a number
of
> >implementations of TCPA being undertaken by major companies.
> >
> >I think Ross is right to suggest that the community at large needs to
> >understand TCPA and its derivatives and hence make a judgement on the
impact
> >that this technology will have on the market.  I hence thought that it
might
> >be helpful if I set out my own position (TCPA is evolving so this is
subject
> >to change).
> >
> >At one level TCPA (I will use this term to cover both TCPA and the
related
> >implementations) allows a PC owner to have a higher confidence in the
> >software that is running on their machine.  It will offer secure boot
> >protection, secure driver loading and verification and OS metrics that
allow
> >a _machine owner_ to determine and verify what OS and what application
> >software runs on their machine.  All of these facilities are under the
sole
> >control of the machine owner and they can if they wish switch them off
(this
> >is the default).
> >
> >It is true that a company can take GPL'd software and provide it in a
form
> >that allows the user to say that it is _this_ particular version of the
> >software that they want to run.   The company providing this software has
to
> >comply with the GPL (assuming that this holds up legally) and this means
> >that anyone else can compile and sign this software and a PC owner can
> >choose to use this alternative.  They can do this themselves if they
choose
> >or they can take the software from any Free Software/Open Source
distributor
> >that wishes to supply TCPA signed OS or applications software.
>
> This seems to imply that the owner of a TCPA machine can use it to verify
> any signatures he wants (i.e. import into TCPA any public keys he trusts)
> and will not be dependent on having keys signed by parties approved by the
> TCPA consortium or anyone else.
>
> Is this in fact a feature of TCPA?

Yes, I believe this to be the case.

    Brian