README ====== "OpenTC PET Proof of Concept prototype" - SUSE version Overview: This liveCD contains the components of the proof of concept prototype of the first period of the OpenTC project for the application scenario called Private Electronic Transactions (PET). This bootable iso image aims to demonstrate the Trusted Computing use case of a dual gateway/proxy solution that serves as an attestable platform for secured internet banking transactions. It is far from being ready for any use in the critical security infrastructure of a financial institution, and there is no claim for this kind of readiness. The intention is to show what can be done with the Trusted Computing Technology components that are available on Linux today, aspects such as deployment, certificate management, configuration management, deployment and lifecycle management are mostly disregarded. ------------------------------------------------------------------------------ Hardware requirements to run the demonstration: One laptop computer equipped with 1GB RAM; supported models are: 1) HP nx6325 2) Lenovo T60 This LiveCD may easily be runnable on many other systems, but your mileage may vary. ------------------------------------------------------------------------------ Known problems: - when running with Xen hypervisor the creation of AIK (see icon step #4 on the desktop when in expert user mode) may take very long; the following workaround can be use to have an acceptable duration: - before booting, connect the platform to the wired network and make sure that a DHCP server is available to give the platform the network configuration parameters; this not required by application scenario, since both client and server sides components run on the same physical platform, but makes the time needed for AIK creation from about thirty seconds to two minutes - if the time for step #4 exceeds two minutes or if a network connection or the DHCP server cannot be provided, in a console window, while the AIK process is being executed, launch the following pair of commands ifdown eth0 ifup eth0 once or more times until the AIK is generated. - when running with L4 microkernel, from time to time the network configuration from a DHCP server cannot be obtained: this is not a real issue for the demonstrator procedure, because this application scenario doesn't need for any access to the physical network - when running with Xen hypervisor it may happen with T60 that the X11 screen in dom0 is garbled if the laptop is undocked - when running with L4 microkernel, Firefox and the java tools for Trusted Computing operations (launched by clicking on icons marked as #x on the desktop when in expert user mode) may not work; in this case please use the DSL version of the prototype. ------------------------------------------------------------------------------ Warranty: This iso image do not come with any warranty of any kind, nor is it supported by Open_TC consortium in any way. However, if you have any questions about the project, its results or its motivation, use the contacts below. For the complete disclaimer and license information have a look at the files COPYING and DISCLAIMER. ------------------------------------------------------------------------------ The Open_TC project is co-financed by the EC. If you need further information about the project, please visit our website www.opentc.net or contact the coordinator: Technikon Forschungs- und Planungsgesellschaft mbH Richard-Wagner-Strasse 7, 9500 Villach, AUSTRIA Tel. +43 4242 23355 - 0 Fax. +43 4242 23355 - 77 Email coordination@opentc.net