Re: the ghost of UEFI and Micr0$0ft

To: Debian User <debian-user@lists.debian.org>
Subject: Re: the ghost of UEFI and Micr0$0ft
From: Tom H <tomh0665@gmail.com>
Date: Wed, 6 Jun 2012 13:07:23 -0400
Message-id: <[🔎] CAOdo=Sw2vLgdXGVCKk50c8ajQM-xSnZzCznZA=9BBowLdFJuCg@mail.gmail.com>
In-reply-to: <[🔎] 4FCF4386.2000508@lboro.ac.uk>
References: <[🔎] CAO4+coYHYAghvJ=DtQXzSyLRX7KkRDWEy6p4ktZtoZR=Nf4mUg@mail.gmail.com> <[🔎] 1338883289.3371.6.camel@precise> <[🔎] 4FCE2D01.1090906@optonline.net> <[🔎] 20120605182626.7f21d335@ares.home.chubig.net> <[🔎] 4FCE3B09.50104@optonline.net> <[🔎] 20120605191855.3d0611ad@ares.home.chubig.net> <[🔎] 20120605180127.GJ6442@n0nb.us> <[🔎] CAOEVnYss7mXb_jNzh+nYyGAQAXsthdziwP18_+Q8F_jiSYu_Gw@mail.gmail.com> <[🔎] 20120606033536.GK4462@n0nb.us> <[🔎] 4FCEDA0B.8050601@gmail.com> <[🔎] CAOdo=SwSzVmtasgxYwmYhqAEmCWeeyV_Ew_4tG8S7rCq3zkjWg@mail.gmail.com> <[🔎] 4FCF2BB8.9070909@gmail.com> <[🔎] CAOdo=SyALgri4pLTfNivZhDR+LKDPo0jrhnjvwxzq+DtM=KmVg@mail.gmail.com> <[🔎] 4FCF4386.2000508@lboro.ac.uk>

On Wed, Jun 6, 2012 at 7:48 AM, Laurence Hurst <L.A.Hurst@lboro.ac.uk> wrote:
> On 06/06/2012 11:47, Tom H wrote:
>>
>> Nowhere is the proposed Fedora 99-dollar-key being offered to other
>> distributions. Since it only costs USD 99 it wouldn't make sense for
>> Debian, for example, not to get its own rather than use Fedora's. And
>> Fedora wouldn't want to take the risk of loaning its key to Debian,
>> having the latter screwing up, and having Fedora's key being
>> blacklisted.
>>
>
> Fedora have also signed the entire chain from their shim bootloader (with
> the 99USD key), grub, kernel and kernel modules (latter 3 with Fedora's own
> key/chain-of-trust). Even if they were willing to take the risk of sharing,
> I don't think they would with anyone who wasn't willing to sign their own
> entire boot-chain down to the kernel module level. I think it would be very
> bad for the principals of free (as in freedom) software if Debian went down
> the same route creating a walled-garden for the entire boot chain through to
> the kernel modules on secure-boot enabled systems.

What's non-free about signing the "boot-chain"?

Reply to:

Follow-Ups:
- Re: the ghost of UEFI and Micr0$0ft
  - From: Roger Leigh <rleigh@codelibre.net>

References:
- the ghost of UEFI and Micr0$0ft
  - From: Harshad Joshi <firewalrus@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Doug <dmcgarrett@optonline.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Claudius Hubig <debian_1206@chubig.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Doug <dmcgarrett@optonline.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Claudius Hubig <debian_1206@chubig.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Nate Bargmann <n0nb@n0nb.us>
- Re: the ghost of UEFI and Micr0$0ft
  - From: "Christofer C. Bell" <christofer.c.bell@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Nate Bargmann <n0nb@n0nb.us>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Scott Ferguson <scott.ferguson.debian.user@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Tom H <tomh0665@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Scott Ferguson <scott.ferguson.debian.user@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Tom H <tomh0665@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Laurence Hurst <L.A.Hurst@lboro.ac.uk>

Prev by Date: Re: Any command to control the upload bandwidth of a running program
Next by Date: Re: User logins not appearing in wtmp?
Previous by thread: Re: the ghost of UEFI and Micr0$0ft
Next by thread: Re: the ghost of UEFI and Micr0$0ft
Index(es):
- Date
- Thread