Re: shim-signed

To: debian-devel@lists.debian.org
Cc:
Subject: Re: shim-signed
From: Steve McIntyre <steve@einval.com>
Date: Thu, 28 Apr 2022 17:27:20 +0100
Message-id: <[🔎] E1nk6zA-0003QQ-Ra@mail.einval.com>
In-reply-to: <[🔎] 87k0b9ygzm.fsf@err.no>
References: <[🔎] 20220419002746.GT14939@tack.einval.com> <[🔎] CAGEayXOsfuWpwRVYO0Z7LhM7vNSJP4xJo+P0a0LsvhGYa7RaHw@mail.gmail.com> <[🔎] 877d7hwk91.fsf@hands.com> <[🔎] E1niCtr-007gWR-VN@drop.zugschlus.de> <[🔎] 87v8uz3r32.fsf@err.no> <[🔎] YmT3WXPagR7eu3OO@home.rince.de> <[🔎] YmT3WXPagR7eu3OO@home.rince.de>

Tollef Fog Heen wrote:
>]] Hanno 'Rince' Wagner 
>> 
>> I am a very firm believer of giving people as much information as
>> possible while being responsible. Meaning, that I would love to have
>> that documentation - including a big warning sign which sais "if you
>> follow this path, you may brick your machine and this is your problem,
>> not ours". If someone is interested to learn _how_ the security is
>> done and implemented, why should this be unavailable?
>
>Sadly, warnings generally don't work because people will ignore them and
>break their systems and then blame the people writing the
>documentation, causing load and grief on people were trying to be
>helpful by writing the docs.
>
>I don't think we should invest a lot into writing the docs required
>because we can use that effort elsewhere.  Documentation requires
>maintenance, just like everything else and if it's rarely used, we get
>little value out of that effort.  If somebody is very eager to write and
>maintain that documentation over time, by all means, but we haven't seen
>anyone step up to do so.

+1

Alongside doing technical stuff, I've written a fair amount of
user-facing docs for UEFI, shim and secure boot over the last few
years. In the limited time I have available, I've tried to focus on
the common cases for people using an expected simple setup. I'd *love*
some help to cover more of the space.

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
"We're the technical experts.  We were hired so that management could
 ignore our recommendations and tell us how to do our jobs."  -- Mike Andrews

Reply to:

References:
- Firmware - what are we going to do about it?
  - From: Steve McIntyre <steve@einval.com>
- Re: Firmware - what are we going to do about it?
  - From: Leandro Cunha <leandrocunha016@gmail.com>
- Re: Firmware - what are we going to do about it?
  - From: Philip Hands <phil@hands.com>
- shim-signed (was: Firmware - what are we going to do about it?)
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: shim-signed
  - From: Tollef Fog Heen <tfheen@err.no>
- Re: shim-signed
  - From: Hanno 'Rince' Wagner <wagner@debian.org>
- Re: shim-signed
  - From: Tollef Fog Heen <tfheen@err.no>

Prev by Date: Re: shim-signed
Next by Date: Re: feedback for NEW packages: switch to using the BTS?
Previous by thread: Re: shim-signed
Next by thread: Re: Firmware - what are we going to do about it?
Index(es):
- Date
- Thread