Re: EFI in Debian

To: debian-devel@lists.debian.org
Cc: Andreas Barth <aba@ayous.org>
Subject: Re: EFI in Debian
From: Steve Langasek <vorlon@debian.org>
Date: Sat, 7 Jul 2012 15:58:13 -0600
Message-id: <[🔎] 20120707215813.GB24468@virgil.dodds.net>
Mail-followup-to: debian-devel@lists.debian.org, Andreas Barth <aba@ayous.org>
In-reply-to: <[🔎] 20120707210957.GG2385@mails.so.argh.org>
References: <[🔎] 20120702164213.GC12639@einval.com> <[🔎] jt1c0d$qn1$1@dough.gmane.org> <[🔎] jt1e7k$fik$1@dough.gmane.org> <[🔎] 20120706022737.GA9783@thunk.org> <[🔎] 1341549164.25597.87.camel@deadeye.wl.decadent.org.uk> <[🔎] 1341562441.21607.269.camel@pi0307572> <[🔎] 20120707204859.GA15478@virgil.dodds.net> <[🔎] 20120707210957.GG2385@mails.so.argh.org>

On Sat, Jul 07, 2012 at 11:09:57PM +0200, Andreas Barth wrote:
> * Steve Langasek (vorlon@debian.org) [120707 22:54]:
> > On Fri, Jul 06, 2012 at 10:14:01AM +0200, Josselin Mouette wrote:
> > > If OTOH we have to pay a fee just for our software to work on platforms
> > > that just happen to be using Microsoft’s certificate, this is clearly
> > > abusive.  I would object to do so, and I believe we would (at least in
> > > Europe) have a very strong case in court against such practice.

> > Note that the Windows 8 requirements stipulate that users must in all cases
> > retain the ability to disable Secure Boot on their x86 systems from the
> > firmware.  It's really a question of ease of installation, and whether
> > Secure Boot provides any additional security protection that we think it's
> > worth providing to Debian users out of the box.

> IIRC it's not the same on embedded hardware.

The distinction is between x86 and ARM, and the Windows 8 cert requirements
for ARM appear to have as their goal to prevent any other OS to be bootable
on that hardware.  So I don't think you should expect MS to sign any UEFI
ARM bootloader binaries at all.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

Reply to:

Follow-Ups:
- Re: EFI in Debian
  - From: Wookey <wookey@wookware.org>

References:
- EFI in Debian
  - From: Steve McIntyre <steve@einval.com>
- Re: EFI in Debian
  - From: Tanguy Ortolo <tanguy+debian@ortolo.eu>
- Re: EFI in Debian
  - From: Tanguy Ortolo <tanguy+debian@ortolo.eu>
- Re: EFI in Debian
  - From: Theodore Ts'o <tytso@mit.edu>
- Re: EFI in Debian
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: EFI in Debian
  - From: Josselin Mouette <joss@debian.org>
- Re: EFI in Debian
  - From: Steve Langasek <vorlon@debian.org>
- Re: EFI in Debian
  - From: Andreas Barth <aba@ayous.org>

Prev by Date: Re: EFI in Debian
Next by Date: Re: CD sizes again (and BoF reminder!)
Previous by thread: Re: EFI in Debian
Next by thread: Re: EFI in Debian
Index(es):
- Date
- Thread