Will Danbury include TPM functionality in the chipset? This advance has been rumored for some time. If so I would emphasize the importance of creating certificates for on-chip generated Endorsement Keys, so that attestation (which is much more practical with TXT and its Late Launch feature) can be made more effective via certified TPM keys. You could also look into tying in to Verisign's Trusted Platform Module Root CA as Infineon has done in order to facilitate interoperability.

On another point, it sounds like Danbury must have some symmetric encryption (presumably AES) as well. Don't forget the importance of paying attention to crypto modes of operation. ECB mode is used in some vendor's encrypted disk drive products but is not particularly cryptographically secure. However the threat model there requires opening the drive and replacing the firmware or accessing the platter, a major task. Any system like Danbury which works with commodity disk drives faces a threat where the drive is attached to another computer and the encrypted ciphertext is freely read (and modified!) on that other system. This is a powerful threat model and is sensitive to what modes of operation are used. IEEE P1619, Security in Storage Working Group at http://siswg.net is standardizing encryption modes suitable for bulk disk encryption and may be of interest.