Talk:Trusted Computing

From Wikipedia, the free encyclopedia

Trusted Computing is a former featured article candidate. Please view the links under Article milestones below to see why the nomination failed. For older candidates, please check the archive.

August 11, 2006

Featured article candidate

Not promoted

Business and economics Portal

This article is within the scope of the Business and Economics WikiProject.

Stub

rated as Stub-Class on the assessment scale

High

rated as high-importance on the assessment scale

Archives
2004 - September 2005 Sep 2005 - Dec 2005 Dec 2005 - Mar 2006 (approx)

[edit] Weasel Words

The problem with this article is that it has weasel words. Here's some examples.

2nd paragraph

"Advocates of the technology" Who?
"Opponents believe" Who?
"which to critics" Who?

3rd paragraph

"A number of" How many?

The nature of trust

"security experts define" Who?
"Critics characterize" Who?
"While proponents claim" Who?
"critics counter" Who?
"Advocates of" Who?
"Proponents of trusted" Who?
"There is an amount of" How much?
"it is suspected that" Speculation

There's still more, but this is enough to warrant the {{weasel}} tag.

if someone wants to help this article , all this statements can be transformed in citations from the"proponets" and "opponents" links in the external links section Dbiagioli 12:00, 12 November 2006 (UTC)

made some corrections . i'm removing the weasel tag for exception 2 of http://en.wikipedia.org/wiki/Wikipedia:Avoid_weasel_words#Improving_weasel-worded_statements:"holders of the opinion are too diverse or numerous to qualify" Dbiagioli 20:07, 17 November 2006 (UTC)

[edit] reasons for proposed merge of Trustworthy Computing

please see my reasons and discuss at Talk:Trustworthy_Computing#reasons for proposed merge. ObsidianOrder

[edit] Wave systems

I didn't put the link in originally but I replaced it, they are actually pretty central to this field, they own many patents in the area and have developed things like trusted keyboards &ct. --Gorgonzilla 20:41, 8 June 2006 (UTC)

That may be, but there isn't really any useful information there that isn't already in the article. It's a corporate website with various commercial offerings, and there is no obvious notability since Wave Systems Corp. is not mentioned in the article. Since Wikipedia is not a link directory, I say there is no reason to further enlarge the External links section with this link. Haakon 20:47, 8 June 2006 (UTC)

I think I'd side with Haakon on this one. Some of the other links could probably do with being re-examined too as the article is somewhat external link heavy at the moment. --Boxflux 06:32, 9 June 2006 (UTC)

Given the current article which equates trusted computing with the TCG which is in turn a commercial consortium it is somewhat difficult to understand that position. Not that I can quite see why having made the decision TCG is the only game in town that there should be a separate article. I admit I have not done a lot in TCG and only attended one meeting, the very first. But there are a lot more games in the trusted/trustworthy space. --Gorgonzilla 00:52, 10 June 2006 (UTC)

[edit] Italian version

Wow, check out the Italian version of this article, which got FA status. I don't speak a word of the language, but perhaps there is an opportunity here to improve the English-language version of the article? -/- Warren 18:03, 15 July 2006 (UTC)

hello , i'm one of the contributor to that article and i could also translate some pieces , but it will take some time .. also , my english isn't perfect .however , i'll do my besr Dbiagioli 15:08, 19 July 2006 (UTC)Dbiagioli

translations form italian is almost done . Dbiagioli 13:38, 12 August 2006 (UTC)

[edit] POV-check

There appears to be a heavy bias towards a paranoid viewpoint espoused by a small minority in the "Disputed issues" section which lends undue credit to fearmongers. This portion of the article should either be substantially shortened (and "what-if" clauses removed) or the responses of competent professionals who have denounced such myths should be added. —Preceding unsigned comment added by 71.98.89.174 (talk • contribs)

One would expect a disputed section to include heavily disputed topics, and to be characterized as heavily disputed or (depending upon viewpoint) "paranoid" or "naive". Could you list specific examples rather than generically stating that it's heavily biased and/or paranoid. It would help other editors to determine whether there is any substance to the concern and the scope of what you feel is untoward. Right now I'd like to review that section but I have no idea what exact examples you want me to look at. Perhaps you could research the companies concerned, and their responses to these issues, and add the balancing viewpoints yourself if you feel up to it, or at least list what they should be. FT2 ^{(Talk | email)} 22:08, 24 July 2006 (UTC)

I agree with FT2. And besides, I think that the level of paranoia in the article is healthy. I will not use it to protect myself, how can I be sure that the hardware manufacturers will not put asymmetric backdoors in their random key-generators? See kleptography. —Preceding unsigned comment added by 193.11.232.248 (talk • contribs) 21:01, Aug. 17. 2006 (UTC)

I agree with FT2 too -- in fact I think the disputed view is underrepresented. You would be easier to take seriously if you didn't couch your answer in exactly the language the proponents are pushing. For one thnig plenty of "compentent professionals" are explicitly referenced in that section. n —Preceding unsigned comment added by 172.203.199.18 (talk • contribs) 19:07, Aug. 10. 2007 (UTC)

[edit] space punctuation???

I hope I'm not screwing up someone's legit system, but I'm going through and removing a lot of non-grammatical spaces (i.e. a space before a punctuation mark or double/triple spaces b/w words. Sorry if this is any problem --Gbinal 01:44, 15 August 2006 (UTC)

[edit] Proposed owner override for TC

The section on "Proposed owner override for TC" seems to be just another disputed issue. Some people think that it is a good idea, and some people don't. I suggest putting it with the Disputed Issues. Also, it is written with a very anti-TC POV. It complains that the TC folks have refused to scrap a feature in order to please the anti-TC folks. Yes, that's right, just like they disagree on other issues. It should just describe the dispute. Roger 01:29, 23 September 2006 (UTC)

frankly , one could also say that remote attestation is a bug as it is of little use to the average PC user , if any ... the TC proponents say that it's not a bug , it's a feature .. however Owner Override is now in the disputed issue section . Dbiagioli 06:17, 23 September 2006 (UTC)

Thanks. The section still has too much of an anti-TC POV. It refers to "problems" and "solution". To those who think that attestation is a feature, there is no problem and owner override doesn't solve anything. I suggest deleting the whole section, except to say that some TC critics have suggested an owner override in order to give owners more control over their own computers, at the cost of making attestations less meaningful. It could just refer the Seth Schoen article for details. Roger 08:50, 23 September 2006 (UTC)

I think that deletion is never a good idea . perhaps you could add to the section the reasons for which TC proponents think that owner override is a bad idea ? Dbiagioli 09:52, 23 September 2006 (UTC)

[edit] Universal Computer

Add a section on the partisan objections of RMS and the GNU project as well as from the Free Software Foundation on how they claim this impurifies Alan Turing's Universal computer Theory -- That is a computer is a machine that can do the same function as any other existing machine (printing press, fax, polygraph, cassette tapes, records, radio, television, etc) and how trusted computing can possibly limit the computers' abilities to do these things.

Thanks, --Mofomojo 06:10, 27 September 2006 (UTC)

pelase revert as soon as possible the paragraph "key concepts " , "possible uses" ,"disputed issues " to the original order .the article is unreadable and illogic now .Dbiagioli 15:23, 27 September 2006 (UTC)

i've done it myself as i've not received any response Dbiagioli 05:41, 30 September 2006 (UTC)

[edit] US army & trusted computing support

``The U.S. army has also stated that every new PC bought by the army must support trusted computing [3]" - the referenced article DOES NOT state this.

Thanks for spotting this; I've removed the statement from the article. -/- Warren 17:28, 6 October 2006 (UTC)

well, the 'referenced article' _stated_ ' this : see http://www.fcw.com/article95422-07-26-06-Web http://www.securityfocus.com/brief/265 ... and ,, by the way , if you look at the 'suggested models' https://ascp.monmouth.army.mil/scp/cb/cb_products.jsp and if you check them one by one (take for example https://ascp.monmouth.army.mil/scp/cb/cb_item_details.jsp?cat_id=4&ven_id=9 ) you 'll discover that everyone has got a TPM ... the US army has just decided that it does'n want to publicize that fact . Dbiagioli 06:45, 7 October 2006 (UTC)

You write at footnote 4 that "the link [no longer states] that pc must have a TPM." That doesn't mean that the Army dropped the requirement, does it? 10/21/2006 Jvsullivan 19:26, 6 November 2006 (UTC)

well , if' you re able to find proof of the fact that the army still requires a TPM , i'll be happy to change the page. I haven't found it Dbiagioli 14:06, 21 October 2006 (UTC)

I don't mean to be trouble to you, but you're making the affirmative assertion that the requirement was dropped. To base that affirmative assertion on the absence of evidence that it wasn't dropped doesn't seem very encyclopedic. If I come across a reiteration of the requirement, I'll certainly point it out. But I think you should reconsider characterizing the absence of a reiteration as a reversal. Thanks for your attention. Jvsullivan 17:32, 21 October 2006 (UTC)

the problem is , we have not any evidence that the requirement is still in force , so ,giving the fact that the army changed the page, we have to suppose that it was cancelled ... f course in my personal opinion the requirement was not dropped ,but , without the proof that the requirement is still in place , what should be written on the page ? we think the requirement is still in place but we've got no evidence of that ?? Dbiagioli 18:18, 21 October 2006 (UTC)

"We have to suppose"? The cited source says nothing to support the proposition that the requirement was dropped. What is it about an FAQ page that happens not to mention the continued existence of the requirement that compels publication of a supposition that the requirement has been dropped? This isn't adding up. Please take a look at the list accomplishments under strategic goal 3 in this October 2006 Army publication: http://www.army.mil/ciog6/news/500Day2006Update.pdf : "Require Trusted Platform Module (TPM) 1.2 for new computer buys" Thanks. Jvsullivan 19:35, 21 October 2006 (UTC)

that's enoug for me -- page changed .Dbiagioli 21:24, 21 October 2006 (UTC)

[edit] Apple?

The article claims that Apple uses the TPM chip for the Intel version of Mac OS X. This information seems to be false. See [[1]]

well , it seems apple has changed its mind .. old macs had a TPM inside , as your link shows Dbiagioli 11:39, 2 November 2006 (UTC).

No, the article isn't saying that no Macs had TPMs inside. It's saying that TPM or no TPM, Apple never USED the TPM. Apple may have decided to stop including TPM chips in the new models, but the key point being made is that they NEVER USED TPM DRM.

ok, so why apple has included the TPM in some models ? and by the way, the fact that they haven't done it before doesn't mean than they are not planning to do it. Dbiagioli 18:24, 2 November 2006 (UTC)

by default the intel motherboards come with TPM's. Look at any other vendor's computers. I guess they just decided in the end to cut that little cost (it costs like $1 or so per motherboard) and just not include it. Let me say it again - look at other brands . It's very common to have onboard TPM, that doesn't mean all manufactures plan on using them. And as for planning to do, you can say that for anyone. Sheesh!

I have edited the article to reflect this. I removed Apple from the manufacturers ‘planning’ to use TC, and added a note that they — contrary to popular belief — do not. --DanChr 19:22, 28 August 2007 (UTC)

[edit] Endorsement Key Section

From an inexperienced person perspective (hence why I'm reading a Wikipedia article on the subject!) there is a missing bit of information in the Endorsement Key section on how the signing of a random number proves the identity and validity of the TPM involved. I presume it is because the manufacturer or other trusted third party holds a copy of the public key and this is retrieved by the inquirer for the purpose of communication? If this or otherwise is the case I think it would be worthy of noting. Thanks. George Jenkins 21:22, 4 November 2006 (UTC)

no ,the new protocol the TCG uses to prove a TPM's identity (direct anonymous attestation) is much more complex and involves a lot of advanced math . i've added a link to its stub , but explaining it in a wikipedia article is very difficult ,IMHO . Dbiagioli 07:41, 5 November 2006 (UTC)

[edit] Relation to Pentium 3 PSN

Does anyone know how this is different from the P3 PSNs? I seem to remember that they didn't catch on.

The PSNs didn't have a lobby group bribing the politicians... Fosnez 02:26, 28 January 2007 (UTC)

[edit] Lucky Green

I got a question for any experts on the subject: On the internet, there is an abundance of sources (all of them several years old, AFAIK) speaking of the Lucky Green patent incident. For underinformed laymen like me: The story goes something like he filed a patent on using T.C. for commercial purposes right after a conference where some Microsoft spokesperson talked about it, negating a commercial intent of Microsoft on the grounds of "we didn't even know it could be used for that". Sorry for any inaccuracies... I just wondered why there is no mention of that incident anywhere? Mostly I'd like to know how things finally turned out, because there don't seem to be any up to date sources. Kncyu38 14:47, 30 December 2006 (UTC)

[edit] Turing Computer

I suggest deleting the whole section titled, "Alan Turing's Universal Computer and the Free Software Foundation". Someone added a paragraph that helps clarify it, but it is still contradictory and confusing. The only worthwhile thing in the section is mentioning the relation to DRM, but even that is better explained elsewhere in the article. Roger 00:13, 8 January 2007 (UTC)

+1 i agree Dbiagioli 13:55, 8 January 2007 (UTC)

I disagree, I think it's important to show that it's not really a computer in the hands of its owner anymore. "They allege that a trusted computer is not a Universal computer, as defined by Alan Turing ^{[citation needed]}. They say that because users can't switch software, they then cannot use free operating systems or participate in an open-source or file sharing community. They also state that through the enforcement of Digital Rights Management built into the hardware, that users are not really free to make their computer run whatever functions that they see fit and make it emulate any other machine." Tivoization also fits in this definition and I think more should be added back...

These comments don't even make any sense. A trusted computer is a Turing machine as much as any other computer. Even the trusted computer critics don't allege that trusted computers are not universal computers, as far as I can see. There is no source for "They allege". All I found was this trusted computing critic saying "you still have Turing-completeness".[[2]] So I am dropping the section. Roger 18:10, 13 January 2007 (UTC)

I will drop the Turing completeness because I don't know enough about it (and I did leave the "citation needed")--I just added it back because it was there for quite a while anyways. But the crux of the FSF-angle argument is that you can't change software isn't it? http://www.theregister.co.uk/2002/11/08/of_tcpa_palladium_and_wernher/WHy can't we include this sentence only then: "The open source angle

Alan Cox concentrated on the issues of who owns the platform and who owns the key, neatly using Xbox as an example. If you own the keys, then you have the ability to do what you like with the systems you've bought. Your changing the software would clearly have an impact on the trustworthiness of the keys, and people who had established a trust relationship prior to the change would quite possibly then not trust you. So you just go back to them and establish a new relationship, cool, and Alan's happy with that.

But if you don't own sufficient keys to change the system, and somebody else has the rights to say what you can and cannot do with the system, then the system is, in Cox's view, inherently insecure. Which is the case with Xbox. Cox also points out that where you don't own the keys, then "a third party can say you trust your cable provider" (we suspect Cox's cable provider may be something of an issue for him). More seriously, keys could be interfered with in the name of national security, and even the possibility of this happening clearly destroys trust." —The preceding unsigned comment was added by 74.112.116.90 (talk) 18:33, 13 January 2007 (UTC).

some (not all) EK (endorsement key) are revocable, with a password provided by the manufacturers. in pratice, most people will not be able to remove their EK from their TPM . however ,the TPM can still be disabled : on the XBOX360 , the chip (yes , also the XBOX has a TPM ) can't be disabled Dbiagioli 19:33, 13 January 2007 (UTC)

[edit] TC video

There's an amusing video http://www.lafkon.net/tc/ mirrored http://www.cs.bham.ac.uk/~mdr/teaching/modules06/security/video/trustedComputing.html and on youTube http://www.youtube.com/watch?v=K1H7omJW4TI --Bah23 13:46, 6 February 2007 (UTC)

[edit] Foreign language

``Trusted computing... ¡cuando la confianza supera los límites!" (linked) is not in English. What's WP policy on this? I suspect the link should appear in the TC article written in that language?--Bah23 16:40, 8 February 2007 (UTC)

Linked webpages in English are preferable, but if necessary foreign language webpages are allowed. Shinobu (talk) 14:57, 13 June 2008 (UTC)

[edit] Key Point not right

I removed this:

Key Point - Trusted Computing is not about your computer being trusted by you, but about your computer being trusted by authorities, and organisations providing the hardware, software and content you will use on your computer. With TC, the term your computer may be inaccurate - it is more a piece of equipment such organisations have granted you the use of and may disable that use if they consider your use contrary to their interests.

This isn't correct. If you have TC features on your computer, then those features can be used to assure that you can trust your computer. Also, there is not necessarily any ability for others to be able to disable your computer. Roger 18:29, 4 March 2007 (UTC)

Urm, I agree that it's not encyclopedic but your argument against it is just as flawed ("[TC] features can be used to assure that you can trust your computer"). Prehaps we can compromise by using a FSF quote in it's place? 172.213.231.215 12:16, 3 September 2007 (UTC)

The FSF view is already described. Roger 15:22, 3 September 2007 (UTC)

The section should not be there since the tone is non-encyclopedic, not because it is wrong. Frankly, the TC features don't protect you from anything. They protect anything from you. TC stops you from cheating in online games, but it doesn't stop your opponents who may be running on a pre-TC machine. So the trust there is entirely misplaced. You can run TCP, and sure enough, your opponents are still able to see through walls, aim perfectly and never miss, etc. You can only really 'trust' that you yourself are not cheating. However, if you need a hardware solution to know if you downloaded or wrote a cheat patch for a game... you need to get into therapy. And this goes down the line of 'benefits.'76.118.215.233 (talk) 05:20, 7 March 2008 (UTC)

[edit] Implicit pro bias?

This article seems implicitly biased in support. In particular it makes no mention of the considerable controversy surrounding the issue in the introductiory paragraphs, deferring that until after masses of technical details have been unloaded. (It's overly long in any case.) Also it seems to very much play along with the rhetoric of the proponents (overuse of truisms essentially like: trusted computing is computers that are trustworthy and that have trustworthy components). The statements about spam have been widely discredited and certainly shouldn't appear unopposed as they do. It's an unenlightening greywash. I'm not well informed enough to redress the balance but I feel expert attention is needed. 172.203.199.18 17:49, 10 August 2007 (UTC)

[edit] Linux Kernel

"The Linux kernel has included trusted computing support since version 2.6.13, and there are several projects to implement trusted computing for Linux."

Link anyone? or reference ?

[edit] Encyption -> increased power requirements

It should be mentioned that the 2048-bit strong encryption requires significant processing power, which in turn means increased energy requirements. In the case of protected high-resolution videos this will mean a LOT of energy.

It's interesting to compare this with the current efforts to save the environment by not wasting energy. Nokia phones will warn you to unplug the charger when not used to eliminate its small quiescent current draw, while your computer will happily waste the double of the normally necessary power to play back a film. —Preceding unsigned comment added by 85.181.100.68 (talk) 15:16, 31 October 2007 (UTC)

[edit] "Possible" uses?

Does the header "Possible uses of TC" mean that they haven't been implemented yet?

I just want to make sure that DRM isn't a function of TC yet. (ZtObOr 03:45, 11 November 2007 (UTC))

(Sorry, forgot to add signature.)

today , there are only prototypes (like Turaya.FairDRM application of the EMSCB [3] ) that use use TC hardware in order to enforce DRM . Dbiagioli 17:41, 11 November 2007 (UTC)

DRM is inherently a "function" of the TC as designed and specified by the Trusted Computing Group, just as turning left and right is a "function" of cars. As for implementation, (?)most(?) laptop computers and (?)many(?) desktop computers you buy are already shipping with the Trust chip fused to the motherboard and carry CPUs with explicit support for it. However Microsoft has delayed releasing explicit Operating System usage of Trust chips and very little software out there accesses these Trust chips yet. So the answer to your question is a complicated mix of yes and no. Pretty much yes the DRM hardware is already out there and yes they might already have shoved it down your throat hidden in the last computer you bought, but no they haven't really activated it... yet. Alsee 19:55, 4 December 2007 (UTC)

[edit] Cell Processor

More than a year ago I posted to the Cell_(microprocessor) talk page that the Cell processor had hardware DRM / Trusted Computing support and asking for some sort of coverage in the main article, and all that has come of it is a Talk Page accusation that this is "fantasia talk" and someone else all-too-typically sweeping it under a generic "security" rug and of course dismissing all Trusted Computing / DRM issues. However the fact of explicit DRM in the hardware is documented in the very title of IBM's own PDF publication on the Cell: "Cell Broadband Engine Support for Privacy Security and Digital Rights Management", and Trust design explicitly covered on the very first page. (IBM took down the PDF at the original link I had posted, but the Google link I just gave finds the paper at multiple other locations). I have read some other papers from IBM itself documenting crypto keys and crypto mechanisms embedded in the Cell chip, however I have been having a very difficult time locating adequate coverage and explanation on it. I have only a piecemeal understanding of the ultimate DRM/TrustedComputing implications of the design, and I do not feel confident writing it up in the main Cell article. Is there maybe anyone over here who happens to be familiar with these aspects of the Cell design who could add some mention of this issue to the Cell article? I hesitate to do a half-assed writeup myself, and I don't relish the prospect of digging around for enough technical documentation trying to to develop personal expertise on the Cell design. I already spend all too many hours studying the entire low level technical design of the TPM chip, chuckle. Alsee 19:33, 4 December 2007 (UTC)

i'm not faimliar with the cell architecture, but i can assure that your paper exactly describe a TCG architecture, including trusted boot , the hypervisor kernel (you can see the general trusted stack architecture here [4] ) . I'm not sure if the cell engine is *officially* TCG-compliant .Dbiagioli 20:08, 4 December 2007 (UTC)

[edit] external links

i have a question : how many links should be in the "extenal links " section ? how many references can have an article ? is there a wikipedia guideline about it ? Dbiagioli (talk) 20:57, 18 December 2007 (UTC)

[edit] "Secure Computing" which focuses on anonymity

The article includes this sentence: "Contrast Trusted Computing with secure computing in which anonymity, not disclosure, is the main concern." Clicking on the link to secure computing takes you to an article about computer security. However, anonymity is NOT the primary concern of secure computing as described there, and if "secure computing" is in fact a different concept forcused on anonymity, then I haven't found anything about it online.

Could someone please either explain or correct this?James mcl (talk) 18:27, 31 January 2008 (UTC)

corrected Dbiagioli (talk) 14:33, 10 February 2008 (UTC)

Thank you Dbiagioli! James mcl (talk) 14:19, 20 February 2008 (UTC)

[edit] Trusted computing and grid computing

I do not know much about trusted computing, so please bear with me. I would like to understand what (if anything) trusted computing is about aside from its contraversial role in preventing unauthorized copying of music and programs. After reading the article, I still do not think I understand the whole story.

I have only seen three use cases for trusted computing that seem at all interesting: large-scale distributed computations ("grid computing") where the owner of the client machines should not necessarily be trusted, like SETI@home; DRM; and games. (I think the others described in this article require a counter-productive assumption that separate computers ought to be distinguishable. In the 'Protecting hard-drive data' example, what if the motherboard breaks so I must replace it and I need access to my data? In the ' Identity theft protection', what if I have to switch from one computer to another in the middle of a transaction, or what if the bank changes servers to deal with increased number of customers, or relocation? But I digress.) The first of these use cases (grid computing) is not emphasized at all in this article, but it sounds like just the sort of thing that would get a researching excited about ideas like trusted systems.

Did the model of trusted computing described in this article come from academic work, and what motivated it? What was the early history of its implementation like? What originally motivated manufacturers to include trusted computing chips, before this became such a big political issue in connection with copyright and trade secrets? Or was copyright the original motivation for the work?

I think it is the Endorsement key that people have a problem with and connect with the idea of trusted computing. After all, a trusted I/O path, memory protection, encrypted storage, and attestation of various facts by trusted parties are not new ideas and are often made possible through the (implicitly trusted) operating system. Why should we consider hardware more trustworthy than software? But the endorsement key means that a user does not have full specifications of all the relevant details of his computer and he has sacrificed some control for other benefits. Thus all the talk (in the "Possible applications" section) of the benefits of a trusted path, verification of identity, and digitial signatures did not seem to be very convincing or relevant. Am I missing something?

Projects like SETI@home face a real problem in the possibility of a malicious user ruining the whole project with fake data. It is really exciting if we have found a way to surmount that problem. Does trusted computing provide this? If so, how? These are the kind of questions I wished this article had answered!

Thanks for your work so far in maintaining this article on a contentious issue. 209.252.104.131 (talk) 01:01, 26 April 2008 (UTC)

[edit] Outdated reference

"^ Tony McFadden (March 26, 2006). TPM Matrix. Retrieved on 2006-05-05." http://www.tonymcfadden.net/tpmvendors.htm The page does not longer exists. I hope someone can find an equivalent reference. —Preceding unsigned comment added by 81.202.73.10 (talk) 15:26, 25 May 2008 (UTC)

[edit] The endorsement key CANNOT be used for signing

every Trusted Platform Module (TPM) is required to sign a random numb

This is NOT true. The endorsement key cannot be used for signing. —Preceding unsigned comment added by 147.188.192.41 (talk) 13:43, 30 May 2008 (UTC)