[tpm2] How can I prevent MITM attacks for unsealing?