Someone wrote in [personal profile] mjg59 2011-11-03 11:43 pm (UTC)

Re: what about custom keys?

Think of form factors like the iPod Touch. There's no way you can wedge a jumper in there without disrupting the physical robustness of the design. My guess is that UEFI will be with us for 20 years, and I'd expect a lot more form fators like the iPod Touch and a lot fewer desktops.

Unrelated, printing the key fingerprint prior to enrolment is useful and should be required. But it's a raising the bar thing: an attacker generates keypairs until the fingerprint looks roughly like a real one.

It would also be worthwhile having fields for manufacturer names, product brands and the like, not because these can't be faked, but to give as many legal grounds as possible for takedown notices and prosecution.

Post a comment in response:

If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting

If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org