leadingpopla.blogg.se

Azure storage emulator time out error

First off, it would be good to touch on what TPM attestation is, and then talk about why you care. From some older Windows Server documentation, here’s a decent overview:

With TPM key attestation, a new management paradigm is now possible: An administrator can define the set of devices that users can use to access corporate resources (for example, VPN or wireless access point) and have strong guarantees that no other devices can be used to access them. This new access control paradigm is strong because it is tied to a hardware-bound user identity, which is stronger than a software-based credential.

And that same article goes on to describe how it works:

In general, TPM key attestation is based on the following pillars:

1. Every TPM ships with a unique asymmetric key, called the Endorsement Key (EK), burned by the manufacturer. We refer to the public portion of this key as EKPub and the associated private key as EKPriv. Some TPM chips also have an EK certificate that is issued by the manufacturer for the EKPub.
2. A CA establishes trust in the TPM either via EKPub or EKCert.
3. A user proves to the CA that the RSA key for which the certificate is being requested is cryptographically related to the EKPub and that the user owns the EKPriv.
4. The CA issues a certificate with a special issuance policy OID to denote that the key is now attested to be protected by a TPM.

Alright, but what does any of that have to do with Windows Autopilot? Simply, we needed a mechanism to allow the device to prove that it wasn’t an imposter. Most customers want assurances that random devices can’t join or enroll, so this is the mechanism that we decided to use. A device can leverage TPM attestation to prove to Azure AD that it is the same device that was registered with Windows Autopilot. Azure AD will then provide a device token, enabling Azure AD Join or MDM enrollment, without anyone ever typing in any credentials. Since all new PCs manufactured in 2016 or later should support TPM attestation, this seemed like a reasonable idea.

But then there was a complication: a TPM vulnerability that required us to block certain TPMs because they hadn’t yet been patched. See the CERT bulletin and related MSRC bulletin for more details. While some customers diligently updated their TPM firmware (e.g. for Surface devices), others still haven’t done that – and then try to use those devices with Windows Autopilot scenarios that require TPM attestation.

We also discovered some challenges with devices that don’t ship with an EKPub cert. Instead, they are supposed to acquire that cert when they start up. But for various reasons (bad drivers, network connectivity challenges, TPM operating in reduced functionality mode, etc.) that process might not complete successfully. We can attempt to force that to happen by running the TPM maintenance task:

We made as many improvements as we could in Windows 10 version 1903 to make this process more reliable.
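The failure modes described on this page (no usable TPM, a missing EK certificate, unpatched TPM firmware) can be checked locally before a device is sent through an attestation-based Autopilot flow. The following is an added example, not code from the original article or from Microsoft: the function name Test-TpmAttestationReadiness and its output property names are hypothetical, while Get-Tpm and Get-TpmEndorsementKeyInfo are the built-in TrustedPlatformModule cmdlets. It reports local state only and does not show whether the service will accept the device.

```powershell
# Added example: TPM attestation pre-flight check (run in an elevated session).
# Test-TpmAttestationReadiness is a hypothetical name; Get-Tpm and
# Get-TpmEndorsementKeyInfo are the built-in TrustedPlatformModule cmdlets.
function Test-TpmAttestationReadiness {
    [CmdletBinding()]
    param()

    $findings = [System.Collections.Generic.List[string]]::new()
    $tpm = Get-Tpm

    if (-not $tpm.TpmPresent) {
        $findings.Add('No TPM detected: TPM attestation cannot succeed.')
        return [pscustomobject]@{ PreflightPassed = $false; Findings = $findings }
    }
    if (-not $tpm.TpmReady) {
        $findings.Add('TPM present but not ready (unprovisioned or reduced functionality).')
    }

    # The EK is what the CA or service anchors its trust in (EKPub or EKCert).
    $ek = Get-TpmEndorsementKeyInfo -HashAlgorithm sha256
    if (-not $ek.IsPresent) {
        $findings.Add('Endorsement key could not be read from the TPM.')
    }

    # Devices that ship without an EK certificate must fetch one at startup;
    # an empty list here means that retrieval has not completed.
    $ekCerts = @(@($ek.ManufacturerCertificates) + @($ek.AdditionalCertificates) |
        Where-Object { $_ })
    if ($ekCerts.Count -eq 0) {
        $findings.Add('No EK certificate available locally.')
    }

    [pscustomobject]@{
        PreflightPassed = ($findings.Count -eq 0)
        Manufacturer    = $tpm.ManufacturerIdTxt
        # Compare against the firmware versions the TPM vendor lists as fixed.
        FirmwareVersion = $tpm.ManufacturerVersion
        EKPubSha256     = $ek.PublicKeyHash
        EKCertSubjects  = $ekCerts | ForEach-Object { $_.Subject }
        Findings        = $findings
    }
}

Test-TpmAttestationReadiness | Format-List
```

An empty Findings list means the local prerequisites are in place; the firmware version still has to be compared by hand against the vendor guidance referenced in the bulletins.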









