Generating a Trusted Platform Module Identity
In Chapter 2, we gave an overview of the form of the TPM identity (sometimes called attestation identity), the roles of the TPME, the PE, and the Privacy-CA in creating this identity, and the mechanism by which the TPM identity can be used to create a platform identity. In this chapter, we also presented the type of identity credential that will be associated with such TPM identities.
In this section, we give a more detailed explanation of the protocol used to allow the owner of the TPM to obtain a TPM identity, to present that identity to a certification authority, and to have it certify the identity as a TPM attestation identity by issuing the appropriate identity credential.
A summary of the protocol ...