On Sun, 2019-01-20 at 00:16 +0100, Philipp Kern wrote: > Hi, > > On 2019-01-13 20:23, Steve McIntyre wrote: [...] > > I'll test all these again in the next couple of days to verify that > > things have pulled through as I expect, then it's time to post to > > d-d-a and write a blog too. We've made great progress already. These > > last changes just tie it all together for end users. > > I just tried to test this. As far as I can see grub is still signed by > "secure-boot-test-key-lfaraone" as of netinst from yesterday (Saturday). [...] Yes, this is expected. Does anyone want to implement the proposal I made at <https://wiki.debian.org/SecureBoot#Describing_the_trust_chain> or are we just going to have a flag day and hope no-one screws up after that? Ben. -- Ben Hutchings You can't have everything. Where would you put it?
Attachment:
signature.asc
Description: This is a digitally signed message part