Also be aware that the in the case of a TPM and fingerprint sensor there are some very important security guarantees that a part must make in order to preserve the security of the system. So it is not in fact scare mongering to try to get this right in the law and commenting about the difficulty of getting this right is not being infected by Apple follower talking points.
The replacement parts have to work, otherwise they are not replacement parts. Neither fingerprint sensors nor TPM chips are magic. There is no difficulty here.
I think this is already covered by a different area of law: false or misleading advertising prevention.
If you buy a TPM that won’t codesign your MacBook’s bootloader (or that uses a compromised signing key) and it was advertised as an equivalent replacement to the OEM’s TPM, that advertising was false. This isn’t much different from buying a smaller hard drive for a computer: just because it works in the machine doesn’t mean it’s as big as the old one, and if it was advertised as 1TB and only stores 500GB, then the advertising is false.
It should be allowed for a system to warn about using a part that has not been certified to work in this type of situation. There is a middle ground where third party parts are allowed but they have to demonstrate that they meet a certain level of safety to not have a warning pop up.
