AWK, Thanks for the msft article on NGSCB. Very interesting. One of my favorite parts was the following:
Cryptographic Attestation
Attestation is the process by which a piece of code digitally signs and attests to a piece of data, helping to confirm to the recipient that the data was constructed by a cryptographically identifiable software stack. When used in conjunction with a certification and licensing infrastructure, this mechanism allows the user to reveal selected characteristics of the operating environment to external requestors and to prove to remote service providers that the hardware and software stack is legitimate. By authenticating themselves to remote entities, trusted applications can create, verify, and maintain a security perimeter that does not require trusted administrators or authorities. Attestation provides a stronger security foundation for many tasks that could potentially pose security risks.
Clearly NGSCB is going to be using a Privacy CA. I've looked at Wave's patents and haven't seen anything that jumped out at me and showed that Wave has proprietary IP as a Privacy CA. Yet at this time they are running unopposed as providing this service. Am I missing something? Do you know of any patented IP that strengthens Wave's hold on this space or it purely a first mover advantage at this time?
TIA,
Svenm
