CPU doesn't have any secure storage, so it can't encrypt or authenticate comms to the TPM. The on-CPU fTPMs are the solution, the CPU then has the secure storage.
That make sense, CPU has no place to store private keys, since that is the functionality of TPM...
Unless there is a firmware solution, which defeats the purpose of a standalone tpm.
Because of course
CPU doesn't have any secure storage, so it can't encrypt or authenticate comms to the TPM. The on-CPU fTPMs are the solution, the CPU then has the secure storage.
That make sense, CPU has no place to store private keys, since that is the functionality of TPM...
Unless there is a firmware solution, which defeats the purpose of a standalone tpm.