State of SecureBoot for Debian GNU/Linux?

To: Ben Hutchings <ben@decadent.org.uk>, Debian Kernel Team <debian-kernel@lists.debian.org>
Cc: UCS Kernel Maintainer <kernel-maintainers@univention.de>
Subject: State of SecureBoot for Debian GNU/Linux?
From: Philipp Hahn <hahn@univention.de>
Date: Mon, 11 Dec 2017 17:55:01 +0100
Message-id: <[🔎] 3813da85-54d2-206e-1c91-534c939a5c23@univention.de>

Hello fellow DDs,

I'm employed by Univention and we ship our Debian based distribution
"Univention Corporate Server" with UEFI support. Currently we're
building our own Linux kernel and have our own signed version of shim
and grub.

For our next release, which will be based von Debian-Stretch, we're
considering to switch to the Debian provided kernel.

If read <https://wiki.debian.org/SecureBoot> and
<https://bugs.debian.org/820036>, but what's the current state of Secure
Boot in Debian?

We have successfully gone through the Microsoft SHIM review process once
and are currently waiting for the review of our SHIM-13 be the
shim-review list, so we have an EV certificate and I also have some
knowledge of the process myself.

Can I (we) help with improving the situation of Secure-Boot in Debian?

Sincerely
Philipp
-- 
Philipp Hahn
Open Source Software Engineer

Univention GmbH
be open.
Mary-Somerville-Str. 1
D-28359 Bremen
Tel.: +49 421 22232-0
Fax : +49 421 22232-99
hahn@univention.de

http://www.univention.de/
Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876

Reply to:

Follow-Ups:
- Re: State of SecureBoot for Debian GNU/Linux?
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Bug#883938: Bug #883938: linux-image-3.16.0-4-amd64: Kernel panic on boot after upgrading to debian 8.10 kernel 3.16.51
Next by Date: Bug#884094: User message
Previous by thread: Bug#884116: linux-image-4.9.0-4-amd64: screen atrifacts then crash
Next by thread: Re: State of SecureBoot for Debian GNU/Linux?
Index(es):
- Date
- Thread