I'm guessing the underlying requirement here is for Windows 11 to be able to run.
Am I right in saying that in this use case, the vTPM is required to ensure that Windows itself can encrypt itself, thus actually resulting in two levels of encryption. This isn't just a problem for home users, but also business/enterprise and government use cases also, double encryption will cause significant performance overhead with large fleets.
Given this, wouldn't it make sense to have an option to turn off VMware level encryption, where the vTPM is actually used to facilitate OS level encryption.
