[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: the ghost of UEFI and Micr0$0ft

On Thu, Jun 7, 2012 at 10:43 PM, Ralf Mardorf
<ralf.mardorf@alice-dsl.net> wrote:
> On Thu, 2012-06-07 at 21:36 -0500, Christofer C. Bell wrote:
>> This "new world" doesn't tie you to Microsoft or any other company.
> You're mistaken, it does and it does it in a way I don't like it.
> As soon as Apple or Microsoft are involved in such things, a healthy
> suspicion can't harm.

No, it doesn't.  When you build your own kernel, you become the
maintainer of it, the distributor of it, the "vendor" of it, if you
will.  You're able to generate your own signing key to sign your
kernel, just as Microsoft or Apple is free to generate their keys and
sign the software *they* are custodians of.  You are not beholden to
Microsoft to obtain keys for your Linux kernel -- it's up to you to
handle the management of *your* keys for *your* kernel.

> Perhaps Linux keys sold by Microsoft will be blacklisted, because of US
> laws, such as the prohibition to share hardware and software with some
> countries the US government doesn't like.

They're not "Linux keys sold by Microsoft" they're "UEFI secure boot
signing keys sold by Microsoft" and one Linux distributor has
purchased one to use.  Fedora also has the option (as does Debian) to
generate their own signing key to use and then provide users with
instructions on how to integrate that key into their system.


Reply to: