Documenting the proposal for TPM 2.0 security in the face of bus interposer attacks

[Ken Goldman]

On 12/10/2018 12:30 PM, James Bottomley wrote:
>> A nit.  The RSA cert is at 01c00002.  The ECC cert is at 01c0000a.
> Is this actually published somewhere? ... I was guessing from the TPM
> 2.0 provisioning guide.

Yes.

The certificates, including the handles, are standardized
in the Infrastructure WG document: TCG EK Credential Profile
For TPM Family 2.0.

This document also explains how to recreate the EKs from standard templates.