mjg59 | (Reply)

From: (Anonymous)

One thing is not clear to me: Does "signing by Microsoft" mean that Fedora will provide Microsoft with the binary bootloader and Microsoft will return what Fedora can only hope is a signed, but otherwise unmodified copy of it, or will Microsoft provide a signing key that the Fedora project can use to sign its bootloader using open-source software?

Because the first option, to be quite frank, sounds beyond unacceptable to me.

Profile

Matthew Garrett

About Matthew

Power management, mobile and firmware developer on Linux. Security developer at Nebula. Ex-biologist. @mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer.

Active Entries

1: More in the series of bizarre UEFI bugs
2: Samsung laptop bug is not Linux specific
3: Playing with Thunderbolt under Linux on Apple hardware
4: A short introduction to TPMs
5: Rebooting
6: Update on leaked UEFI signing keys - probably no significant risk
7: Leaked UEFI signing keys
8: Secure Boot and Restricted Boot.
9: The current state of UEFI and Linux
10: Using pstore to debug awkward kernel crashes

Expand Cut Tags

No cut tags

Matthew Garrett

(Reply)

no subject

Profile

About Matthew

Active Entries

Expand Cut Tags