Matthew Garrett ([personal profile] mjg59) wrote 2012-05-31 03:23 pm (UTC)

Re: The signing format only permits a single signature per binary?

Sadly, yes, it's too late to fix it. It's part of the UEFI spec, the relevant version of which was released last year. At the time, it didn't seem objectionable - we'd been under the impression[1] that this was going to be opt-in functionality, at which point the signature management becomes local policy. Microsoft's policy was dropped on top of this last August, after spec adoption had already begun.

[1] And it turns out we weren't the only ones...
(348 comments)

Post a comment in response:

If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting

If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org

 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.