Cyril Brulebois wrote: > (Sorry, I'm new to all this) do you mean (1) the regular linux image > packages are getting a signature added, and we're using those like we do > today, or (2) that we'll have additional linux image packages with the > signatures to be used instead of the usual linux image packages when a > Secure Boot environment is detected? (or (3) something else…) The secure boot shim is a small bootloader. It's the only part that absolutely needs to be signed by MS, AIUI. It was designed to facilitate distributions in our position. Signed versions are also already available, produced by DD Matthew Garret, though not as Debian packages (perhaps he could be convinced to maintain it?) http://mjg59.dreamwidth.org/20303.html http://www.codon.org.uk/~mjg59/shim-signed/ (Assuming the plan is to use Matthew's shim and not the other one created by IIRC, the Linux Foundation.) -- see shy jo
Attachment:
signature.asc
Description: Digital signature