On Fri, Jul 06, 2012 at 10:14:01AM +0200, Josselin Mouette wrote: > Le vendredi 06 juillet 2012 à 05:32 +0100, Ben Hutchings a écrit : > > 1. General consensus in the project that supporting the option of Secure > > Boot, including purchase of a Microsoft-signed certificate, is > > worthwhile and not entirely objectionable. > Not entirely objectionable indeed, but it really depends on what we > would have to pay for. As long as it is only covering for > administrative costs of Microsoft emitting a new certificate, it is > fine. Microsoft has indicated their intent to provide the Secure Boot CA services free of charge. AIUI the only associated fee is to a third party, Verisign, for them to provide the service of establishing digital identity to Microsoft's standards. > If OTOH we have to pay a fee just for our software to work on platforms > that just happen to be using Microsoft’s certificate, this is clearly > abusive. I would object to do so, and I believe we would (at least in > Europe) have a very strong case in court against such practice. Note that the Windows 8 requirements stipulate that users must in all cases retain the ability to disable Secure Boot on their x86 systems from the firmware. It's really a question of ease of installation, and whether Secure Boot provides any additional security protection that we think it's worth providing to Debian users out of the box. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek@ubuntu.com vorlon@debian.org
Attachment:
signature.asc
Description: Digital signature