1. LE1600-InfineonTPM.zip Driver
2. Readme.txt File Contents

Readme.txt Driver File Contents (LE1600-InfineonTPM.zip)

--------------------------------------------------------------------------------
		Infineon TPM Professional Package V1.7
               		Release Notes
--------------------------------------------------------------------------------

Contents:

1. Welcome

2. Installation

3. Infineon Security Platform Software
  3.1 Security Platform Settings Tool
  3.2 Security Platform Initialization Wizard
  3.3 Security Platform User Initialization Wizard
  3.4 Security Platform Migration Wizard
  3.5 Security Platform Backup Wizard
  3.6 Security Platform Status Indication Applet
  3.7 Security Platform Integration Services
  3.8 Security Platform Services

4. If you have questions

5. Release Info
  5.1 About this Release
  5.2 Hardware and Software Platform Requirements
  5.3 Version Information
  5.4 Trusted Platform Module Firmware Upgrade
  5.5 Known Bugs and Limitations

================================================================================

1. Welcome

Welcome to Infineon Security Platform Software 1.7.
The Infineon Security Platform Software is required to use your Trusted Platform Module.
The Infineon Security Platform Software is a TCG-compliant security solution for PCs.

For further information about TCG (Trusted Computing Group):
https://www.trustedcomputinggroup.org

2. Installation

The Infineon Security Platform Software installation - "Setup.exe" installs:

- Security Platform - Getting Started Guide
- Security Platform Settings Tool
- Security Platform Platform Initialization Wizard
- Security Platform User Initialization Wizard
- Security Platform Migration Wizard
- Security Platform Backup Wizard
- Security Platform Status Indication Applet
- Security Platform Integration Services
    * Microsoft® Outlook® Integration
    * Netscape® Integration
    * Encrypted File System Integration
    * Personal Secure Drive
    * Policy Administration
- Security Platform Services
    * TCG TSS Service Provider
    * TCG TSS Core Service
    * TCG TSS Device Driver Library

Note:
To install this software administrative rights are required.

Unattended Installation:
Silent installation can be done by calling the setup.exe with following command line parameters:
- Installation for all users:      setup.exe /s /v"/qn"


3. Infineon Security Platform Software

3.1 Security Platform Settings Tool

The Security Platform Settings tool allows you to change the settings of your initialized Security Platform.


3.2 Security Platform Initialization Wizard

The Security Platform Initialization wizard allows you to initially set up your Security Platform in order to become a Security Platform Owner.


3.3 Security Platform User Initialization Wizard

The Security Platform User Initialization wizard allows you to initially set up a Security Platform user in order to take advantage of the Security Platform Integration Services.


3.4 Security Platform Migration Wizard

The Security Platform Migration wizard allows you to migrate your user keys and certificates from a Security Platform to another Security Platform.


3.5 Security Platform Backup Wizard

The Security Platform Backup wizard allows you to backup your Security Platform related credentials data.


3.6 Security Platform Status Indication Applet

The Security Platform Status Indication applet provides general information about the actual state of the Security Platform by displaying the appropriate information via an icon in the task notification area.


3.7 Security Platform Integration Services

The Trusted Platform Module Cryptographic Provider enables you to take advantage of your Trusted Platform Module by applications utilizing the Microsoft Crypto-API.

For instance you can
- sign and encrypt e-mail using Microsoft® Outlook® or Microsoft® Outlook® Express
- access web-sites over a secure, two-sided authenticated SSL connection using Microsoft Internet Explorer.
- encrypt your files by providing a seamless integration into the Encrypted File System (EFS) of Microsoft® Windows® 2000 Professional and Microsoft® Windows® XP Professional.

The Trusted Platform Module PKCS#11 Provider enables you to take advantage of your Trusted Platform Module by applications utilizing the PKSC#11 Crypto-API.

For instance you can
- sign and encrypt e-mail using Netscape e-mail clients
- access web-sites over a secure, two-sided authenticated SSL connection using
  Netscape web browsers 7.0 and 4.79.


3.8 Security Platform Services

The Security Platform Services provides you with a TCG compliant software stack running on your system.
The TCG Trusted Software Stack is built by the following modules:
- TCG TSS Device Driver Library
- TCG TSS Core Service
- TCG TSS Service Provider

The TCG Software Stack is an integral part of a TCG compliant platform, and provides functions that can be used by enhanced operating systems and applications.

After installation it is recommended to check whether a firmware update is available.


4. If you have questions

If you have any questions or problems, please contact your dealer first.
Further information and support is available under http://www.infineon.com


5. Release Info

5.1 About this Release

This release contains the

- Security Platform - Getting Started Guide
- Security Platform Settings Tool
- Security Platform Initialization Wizard
- Security Platform User Initialization Wizard
- Security Platform Migration Wizard
- Security Platform Backup Wizard
- Security Platform Status Indication Applet
- Security Platform Integration Services
    * Microsoft® Outlook® Integration
    * Netscape® Integration
    * Encrypted File System Integration (not supported under Windows XP Home)
    * Personal Secure Drive
    * Policy Administration
- Security Platform Services
    * TCG TSS Service Provider
    * TCG TSS Core Service
    * TCG TSS Device Driver Library
to enable access to the Trusted Platform Module by application utilizing the interfaces as specified by
- TCG
- Microsoft® Crypto-API
- PKCS#11


5.2 Hardware and Software Platform Requirements

Operating Systems:    - Microsoft Windows 2000 Professional ServicePack4 with
			Microsoft Internet Explorer 5 or higher
                      - Microsoft Windows 2000 Server ServicePack4 with
			Microsoft Internet Explorer 5 or higher
                      - Microsoft Windows XP Professional
                      - Microsoft Windows XP Home

Microsoft Office:     - Microsoft Office 2000 SR-1 or higher
                      - Microsoft Office XP or higher

Netscape:             - Netscape web browsers 7.0 and 4.79

Hardware Requirements: A PC capable to run one of the mentioned operating
                       systems and equipped with a Trusted Platform Module.


5.3 Version Information	

Infineon TPM Professional Package V1.7


5.4 Trusted Platform Module Firmware Upgrade

After installation it is recommended to check whether a firmware update is available provided by http://www.infineon.com


5.5 Known Bugs and  Limitations

5.5.1 Firmware Limitations:

The Firmware released with this version has implemented the functionality according to TCG Main Specification 1.1b (February 22, 2002) without:
- Audit (section 8.12)
- Maintenance (section 7.3)
- Set Redirection (section 8.17)


5.5.2 Problems with Trusted Platform Module:

In case an application using the Trusted Platform Module fails resetting the Trusted Platform Module may solve the problem.
To reset the Trusted Platform Module shut down the PC (turn off the computer after the system has shut down) and start PC again.


5.5.3 ATTENTION with Trusted Platform Module Cryptographic Provider:

Taking Ownership by the Security Platform Initialization wizard creates a new Storage Root Key.
Usually you will setup a Security Platform Owner only once for a specific Trusted Platform Module.
Since all your public key certificates are bound to the Trusted Platform Module's Storage Root Key, you will no longer be able to use these certificates with a newly created Storage Root Key.


5.5.4 Emergency Recovery Archive availability:

If Basic User Key cannot be loaded (for example as a result of clearing Trusted Platform Module Ownership and taking Ownership again) then Security Platform User Initialization Wizard does not allow to proceed with user initialization.
The correct step in this situation is to run Security Platform Initialization Wizard and perform Emergency Recovery by calling the wizard with command line option: "SpTPMWz.exe /restore".

If for some reason Emergency Recovery Archive is not available (for example it was lost or corrupted)
then Basic User Key cannot be restored. To proceed with creation of a new Basic User Key in this situation Security Platform User Initialization Wizard must be started with "/forceinit" or "-forceinit"
Command line option: "SpUserWz.exe /forceinit".

Note: new Basic User Key will be created and therefore all previously protected data will be lost.


5.5.5 Automatic authorization of destination computer for migration:

Destination platform may be automatically authorized for migration of user keys and certificates with the help of "Browse..." button of the "Authorize..." dialog on the "Migration" tab of the Security Platform Administration Tool. This feature has the following limitation:
- in order to successfully authorize the destination platform the user account attempting to perform this operation on the source platform must have administrative privileges (be a member of Administrators group) for the destination platform.


5.5.6 EFS certificates are always self signed:

During user security features configuration the Security Platform Solution Software generates a new certificate for use with EFS file and folder encryption. Currently this certificate is always generated as self signed certificate even if your security policy is configured to request EFS certificate from online certificate authority (CA).

Workaround: manually request EFS certificate protected by Trusted Platform Module Cryptographic Provider and install it on your platform (for specific procedure contact your system administrator).
Then run Security Platform User Initialization Wizard and select "Select..." on Encryption Certificate page.
Select EFS certificate issued by your CA and proceed to finish security features configuration.

5.5.7 Migration of Security Platform
The migration process will install new user keys and certificates on the machine you are migrating to.
You will need to configure Security Platform Features for use with these new keys and certificates.

WARNING:
Migration process will also invalidate your existing Security Platform keys and certificates installed on the machine you are migrating to. Your encrypted data may be lost as a result of this operation.
Please decrypt your encrypted data before proceeding with migration or contact your system administrator for data recovery procedure.


5.5.8 Known Online Help Errors

There are some known HTML Help errors. For example, Security Updates for Internet Explorer might cause problems
(see Microsoft Security Bulletin MS03-048). These problems can be fixed with an HTML Help Update (see Microsoft Knowledge
Base Article 811630). Furthermore links to other help files might work only if all concerned help files are on the local hard disk. For more information please search the Microsoft Knowledge Base's "Support & Troubleshooting"
category for "HTML Help".


5.5.9 No support for saving Personal Secure Drive content to a CD data disc at Windows XP

On XP Windows Explorer supports to write data directly to CD data discs with Joliet and ISO-9660 file systems.
During the process of deleting a Personal Secure Drive it is not supported to select such a CD data disc for saving the content of the Personal Secure Drive.
If you want to save the content of a Personal Secure Drive to a CD data disc use Windows Explorer directly before deleting the Personal Secure Drive.