[openssl-users] OpenSSL engine and TPM usage.

Ken Goldman kgoldman at us.ibm.com
Thu Oct 26 12:37:14 UTC 2017

On 10/26/2017 3:33 AM, Michael Ströder wrote:
> Michael Richardson wrote:
>> Jakob Bohm <jb-openssl at wisemo.com> wrote:
>> wow, further evidence that everything needs an upgrade path.
>  From the viewpoint of hardware vendors the upgrade path is selling new
> hardware. It's simply like that. Not very sustainable...

All the TPMs I know of have the ability to do a "field upgrade".  They 
can accept vendor signed firmware updates.  In fact, the newer ones can 
switch between TPM 1.2 and the new TPM 2.0 API.

No need to touch the hardware.

More information about the openssl-users mailing list