Solving Bigger Problems with the TPM 2.0
Throughout this book, we have described examples of how you can use particular TPM commands in programs. This chapter looks at how some of those commands can be combined to create programs that use multiple features of the TPM. These ideas couldn’t be implemented easily with TPM 1.2, but TPM 2.0 has added features that make it easy to solve these problems.
Remote Provisioning of PCs with IDevIDs Using the EK
Each client’s TPM comes with an endorsement key (EK). This is a storage key, and it comes with a certificate indicating that it’s from an authentic TPM. An enterprise may also have a list ...