Re: the ghost of UEFI and Micr0$0ft

To: debian <debian-user@lists.debian.org>
Subject: Re: the ghost of UEFI and Micr0$0ft
From: "Christofer C. Bell" <christofer.c.bell@gmail.com>
Date: Thu, 7 Jun 2012 21:33:45 -0500
Message-id: <[🔎] CAOEVnYtS_aVJVS-2bkAkA5aACBLnaT4Cp0M_Ax9Y3C2JNmnyfQ@mail.gmail.com>
In-reply-to: <[🔎] 878vfzty92.fsf@catnip.gol.com>
References: <[🔎] CAO4+coYHYAghvJ=DtQXzSyLRX7KkRDWEy6p4ktZtoZR=Nf4mUg@mail.gmail.com> <[🔎] 1338883289.3371.6.camel@precise> <[🔎] 4FCE2D01.1090906@optonline.net> <[🔎] 20120605182626.7f21d335@ares.home.chubig.net> <[🔎] 4FCE3B09.50104@optonline.net> <[🔎] 20120605191855.3d0611ad@ares.home.chubig.net> <[🔎] 20120605180127.GJ6442@n0nb.us> <[🔎] CAOEVnYss7mXb_jNzh+nYyGAQAXsthdziwP18_+Q8F_jiSYu_Gw@mail.gmail.com> <[🔎] 87sje9ulsb.fsf@catnip.gol.com> <[🔎] 4FCEE02E.30007@gmail.com> <[🔎] 878vfzty92.fsf@catnip.gol.com>

On Thu, Jun 7, 2012 at 1:46 AM, Miles Bader <miles@gnu.org> wrote:
> Scott Ferguson <scott.ferguson.debian.user@gmail.com> writes:
>>>> You can't disable the code signing requirement on ARM.
>>>
>>> ... which is a great deal more worrying.
>>
>> Yes. And no.
>> I'd hate to see a situation where it was impossible to buy an ARM (or
>> other CPU based board) without UEFI that can be disabled - but I support
>> devices that can be made to *only* run signed code *provided* MS is
>> *not* the certificate agency.
>
> Would that mean anybody who wants to build their own kernel would need
> to buy a signing key?

Not at all.  You can generate your own key and load it into your UEFI.
 It's no different a situation than using self-signed ssl certs
without buying one from a certificate authority.  There's no need to
pay any money to anyone to use the secure boot feature.  Is it a
hassle?  Sure, but you're not beholden to any 3rd party regardless.

-- 
Chris

Reply to:

Follow-Ups:
- Re: the ghost of UEFI and Micr0$0ft
  - From: Miles Bader <miles@gnu.org>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Roger Leigh <rleigh@codelibre.net>

References:
- the ghost of UEFI and Micr0$0ft
  - From: Harshad Joshi <firewalrus@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Doug <dmcgarrett@optonline.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Claudius Hubig <debian_1206@chubig.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Doug <dmcgarrett@optonline.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Claudius Hubig <debian_1206@chubig.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Nate Bargmann <n0nb@n0nb.us>
- Re: the ghost of UEFI and Micr0$0ft
  - From: "Christofer C. Bell" <christofer.c.bell@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Miles Bader <miles@gnu.org>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Scott Ferguson <scott.ferguson.debian.user@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Miles Bader <miles@gnu.org>

Prev by Date: Re: Boinc?
Next by Date: Re: the ghost of UEFI and Micr0$0ft
Previous by thread: Re: the ghost of UEFI and Micr0$0ft
Next by thread: Re: the ghost of UEFI and Micr0$0ft
Index(es):
- Date
- Thread