mjg59 | What if Microsoft won't sign the bootloader? (Reply)

From: (Anonymous)

Apart from a theoretical agreement cooked up by lawyers between Microsoft and RedHat, there is no guarantee that Microsoft will sign anything. Or at some point it will refuse to sign anything or provide any other arbitrary chosen reason why it will not sign the bootloader. Or it will commonly blacklist these, so dual boot will not work.

I do understand that this is the easy way, disabling secure boot is an option, setting up own key is an option. However, if that happens, the damage will be done. Is there any reason for going down that route?

Profile

Matthew Garrett

About Matthew

Power management, mobile and firmware developer on Linux. Security developer at Nebula. Ex-biologist. @mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer.

Active Entries

1: Mir, the Canonical CLA and skewing the playing field
2: Secure Boot isn't the only problem facing Linux on Windows 8 hardware
3: Dealing with UEFI non-volatile memory quirks
4: More in the series of bizarre UEFI bugs
5: TVs are all awful
6: Samsung laptop bug is not Linux specific
7: Playing with Thunderbolt under Linux on Apple hardware
8: A short introduction to TPMs
9: Rebooting
10: Update on leaked UEFI signing keys - probably no significant risk

Expand Cut Tags

No cut tags