Contrary to global platform facilities claimed in the posted whitepaper, we have determined that the cryptoprocessor manufacturer does not sign install receipts. In fact, there is generally no widely known public key for the cryptoprocessor manufacturer. We are reworking section 5 of the whitepaper (counterfeiting) in light of this new information. 

Meanwhile we are looking into an alternate third party attestation mechanism that makes insider attacks sufficiently unfeasible in practice. Stay tuned.