Re: Q: secure boot

To: debian-devel@lists.debian.org
Subject: Re: Q: secure boot
From: Adam Borowski <kilobyte@angband.pl>
Date: Mon, 5 Nov 2018 23:52:35 +0100
Message-id: <[🔎] 20181105225235.734nlt57i43xpupn@angband.pl>
In-reply-to: <[🔎] 20181106041531.48df196b736c982649c7d37d@iijmio-mail.jp>
References: <[🔎] 20181106041531.48df196b736c982649c7d37d@iijmio-mail.jp>

On Tue, Nov 06, 2018 at 04:15:31AM +0900, Hideki Yamane wrote:
> Hi,
> 
>  I'm curious that what is the blocker for introducing secure boot feature
>  into Debian now? Already kernel, grub2 and shim are signed, then what should
>  we do to achieve it?

Another question: do we want it?  It's beneficial only if you can not only
add your own keys but also _remove_ built-in ones, and typical "consumer"
machines don't allow that.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀ Have you heard of the Amber Road?  For thousands of years, the
⣾⠁⢰⠒⠀⣿⡁ Romans and co valued amber, hauled through the Europe over the
⢿⡄⠘⠷⠚⠋⠀ mountains and along the Vistula, from Gdańsk.  To where it came
⠈⠳⣄⠀⠀⠀⠀ together with silk (judging by today's amber stalls).

Reply to:

Follow-Ups:
- Re: Q: secure boot
  - From: Hideki Yamane <henrich@iijmio-mail.jp>
- Re: Q: secure boot
  - From: Steve Langasek <vorlon@debian.org>
- Re: Q: secure boot
  - From: Paul Wise <pabs@debian.org>

References:
- Q: secure boot
  - From: Hideki Yamane <henrich@iijmio-mail.jp>

Prev by Date: Q: secure boot
Next by Date: Re: Q: secure boot
Previous by thread: Q: secure boot
Next by thread: Re: Q: secure boot
Index(es):
- Date
- Thread