New features include:
- Security Version Number (SVN) and Firmware-based hierarchies
- Ability to define Policies based on TPM Capabilities (TPM2_PolicyCapability)
- Ability to define Policies based on specific command/parameter combinations (TPM2_PolicyParameters)
- A new “Permanent" NV index type - defined by TPM, can’t be defined/undefined, only queried
- ECC Encrypt/Decrypt (TPM2_ECC_Encrypt/TPM2_ECC_Decrypt)