If any manufacturer starts selling chips where you can read the key, it will be disallowed by Microsoft.
Then all they need to do is require that ISPs only allow packets to be sent by computers that have passed a Measured/Trusted Boot check, and suddenly all online activity is restricted to "approved" computers, running code from "approved" app stores.
"One Ring to rule them all, One Ring to find them, One Ring to bring them all and in the darkness bind them."
Notice that I didn't mention "country" anywhere. There's no country restriction.
> or rather a single key, held by the government, which signs the list of approved manufacturer keys
Hum, no. The single key is held by Microsoft.
And yeah, that's basically what the Trusted Computing Consortium was designing in the early 00s. But people pushed back enough that they stopped publishing public documents and delayed the implementation. We are just getting there.
The technology may not care about countries, but countries care about technology. If (or rather when) a government passes a law limiting internet access to approved operating systems and hardware, the ISPs in that country will logically have to listen for signed updates to the whitelist.
In practice the list might be very short, containing just intermediate keys representing Microsoft, Apple, Google, a few commercially-backed Linux distros, and the CPUs that support them (with the necessary TPMs). The intermediate keyholders would have the responsibility to revoke approval of versions / model numbers that have known vulnerabilities which allow arbitrary user-controlled code to run.
Nothing absolute, mainly a long series of annoying hurdles - including the constant barrage of updates.