[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: UEFI Revocation List being distributed by Debian

On Thu, 2020-05-07 at 07:26 +0200, Florian Weimer wrote:

> It also has to be optional and disabled by default because a future
> dbx update may be specifically designed to stop Debian systems from
> booting.  No Debian user will want to install such an update.

Isn't the point of these updates to fix security issues, not to block
systems from booting? Presumably fwupd can be made to not install dbx
updates that would block use of the shim binary currently in use.



Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: