Bug#920014: Move forward on this
On Fri, Dec 20, 2019 at 03:35:28PM +0100, Perez Yves-Alexis wrote:
>Hi,
>
>could someone from the EFI team review the MR from Luca?
>
>At ANSSI we are testing hardware acquired for the French administration
>for various security requirements [1], one of them beeing that the
>secure boot key should be updatable.
>
>We test this requirement by generating a small PKI and a USB key based
>on various efitools/sbsigntool binaries [2].
>
>The efitools version currently in Debian has a bug which prevents
>updating the platform key on some implementation (for example some
>Lenovo ThinkPads with AMD processors [3]). The bug is fixed in 1.9.0+ so
>it'd be really nice to include it in Debian (for our use case, but more
>generally for all people wanting to update the PK in their machine).
>
>Thanks in advance!
Hey guys,
Apologies, and thanks for mentioning the MR. I hadn't realised that my
salsa notifications were turned off. :-(
Just looking at things now, sorry for the delay.
Arnaud - are you still planning to work on efitools?
Steve McIntyre, Cambridge, UK. steve@einval.com
"I used to be the first kid on the block wanting a cranial implant,
now I want to be the first with a cranial firewall. " -- Charlie Stross
Reply to: