@pid_eins You won't see this, but TPM's were never intended to be a "democratic" thing - TPMs were implemented with the main purpose of restricting the user.

Yes, ironically the security of past TPM implementations turned out to be so bad that proprietary restrictors gave up on using them and the only use of TPMs are now to check boot signatures - but the security of such TPMs is very flawed and it's arguably more secure to setup GNU Grub to do signature checking and installing GNUboot with your gnupg key inserted into the cbfs.

microsoft is now giving "palladium" another try under the same name with fTPM's - in the past they totally failed, but they might not fail totally this time.