I just stumbled across Hal Finney's rpow.net web site. He's one of the
original PGP 2.0 programmers, and he really seems to know his stuff
when it comes to cryptography and Trusted Computing's "Remote
Attestation" feature. That's why I found the following statement from
the main page so surprising:
"Allowing clients to dynamically validate the security of a server
turns the concept of Trusted Computing on its head. Rather than a
threat to individual privacy, the technology becomes a boon to privacy
and an empowering force for end users on the net."
I've never heard of anyone with a solid background in crypto who
thinks that any form of Trusted Computing has any redeeming value
whatsoever (unless said person is in it for the money or the power).
For me, this is major food for thought.
Worth reading: http://rpow.net/security.html
Eric
|