I don't understand why the Linux Foundation (or some other equally trusted, respected, independent group) doesn't step up and provide signing. I doubt Dell, HP, Lenovo, etc want to deal with a dozen distributions, but I'm sure they would be happy to include a root CA cert from the Linux Foundation as well as Microsoft. Then said foundation could provide signing services to all the distributions. Sadly I think we're out of time for this to happen. Or am I missing something?
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
Linux Foundation
Date: 2012-08-16 07:04 pm (UTC)