[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: the ghost of UEFI and Micr0$0ft

On Wed, Jun 6, 2012 at 7:48 AM, Laurence Hurst <L.A.Hurst@lboro.ac.uk> wrote:
> On 06/06/2012 11:47, Tom H wrote:
>> Nowhere is the proposed Fedora 99-dollar-key being offered to other
>> distributions. Since it only costs USD 99 it wouldn't make sense for
>> Debian, for example, not to get its own rather than use Fedora's. And
>> Fedora wouldn't want to take the risk of loaning its key to Debian,
>> having the latter screwing up, and having Fedora's key being
>> blacklisted.
> Fedora have also signed the entire chain from their shim bootloader (with
> the 99USD key), grub, kernel and kernel modules (latter 3 with Fedora's own
> key/chain-of-trust). Even if they were willing to take the risk of sharing,
> I don't think they would with anyone who wasn't willing to sign their own
> entire boot-chain down to the kernel module level. I think it would be very
> bad for the principals of free (as in freedom) software if Debian went down
> the same route creating a walled-garden for the entire boot chain through to
> the kernel modules on secure-boot enabled systems.

What's non-free about signing the "boot-chain"?

Reply to: