
Re: xxxxcslewis post# 103038

Friday, 12/02/2005 9:20:30 AM


xxxxcslewis, re: Partition

For now, just "interesting". Bear in mind that this is for Longhorn SERVER. The client specification (Vista) also calls for a SS/FVE utilities partition, but does not specify the functionality of the utilities.

- MSFT has reserved an area on the HD for utilities supporting the TPM

- The reserved area is not only for the use of Secure Startup/FVE, but also may be used to store utilities installed by the platform manufacturer (see italics)

- Specifically, these utilities must enable data recovery in the event of lost keys or corruption, i.e. they should include a key backup utility (see bold in Design & Implementation Note)

- The wording is rather ambiguous; it is not clear whether the key backup is only for SS/FVE Recovery keys or for all TPM keys

- It is implied that a platform manufacturer (e.g., Dell) may supply the required key backup utility

Longhorn Server Secure Startup Partition

Windows Server code named “Longhorn” Logo Program for Systems, Version 3.0
Version 3.0 Revision Draft 0.51 – 30th September, 2005

>>>
SYS-SEC-3 Systems implementing TPM support secure startup and full-volume encryption by reserving 350 MB for related utilities, outside the main OS partition

A system that implements a Trusted Platform Module (TPM), version 1.2 (or later), must provide a specific hard drive partition. To enable secure startup functionality, the hard disk layout must include at least 350 MB of reserved space inside a “utility partition,” outside the operating system partition, in an unencrypted and active Windows system partition, in which unencrypted boot utilities for full-volume encryption can exist.

This utility partition must be the active partition and must contain the boot manager and boot manager configuration (boot.ini or equivalent).

Design and Implementation Note
This utility partition is not for the exclusive use of the secure startup, full-volume encryption utilities; it may also contain platform manufacturer utilities.

If these utilities do not exist on the “utility partition,” then secure startup and full-volume encryption will not function. Additionally, these utilities enable data recovery if cryptographic keys are lost or disk or encryption corruption occurs.
<<<

I am trying to get more details on this, will post any developments.

Regards

SL


"RTFM"
