
Re: the ghost of UEFI and Micr0$0ft



On Wed, Jun 6, 2012 at 7:56 AM, Scott Ferguson
<scott.ferguson.debian.user@gmail.com> wrote:
> On 06/06/12 20:47, Tom H wrote:
>> On Wed, Jun 6, 2012 at 6:06 AM, Scott Ferguson
>> <scott.ferguson.debian.user@gmail.com> wrote:
>>> On 06/06/12 19:23, Tom H wrote:
>>>> On Wed, Jun 6, 2012 at 12:18 AM, Scott Ferguson
>>>> <scott.ferguson.debian.user@gmail.com> wrote:



>>>>> ;consider also that Fedora has *not* said they won't be sharing the key
>>>>
>>>> They won't share their Secure Boot key in the same way that they don't
>>>> share their RPM-signing key(s).
>>>
>>> I'm unable to find anything from the RedHat/Fedora community who
>>> supports that assertion, and it's not supported by the article:-
>>>
>>> "Adopting a distribution-specific key and encouraging hardware companies
>>> to adopt it *would have been hostile to other distributions*. We want to
>>> compete on merit, not because we have better links to OEMs.
>>
>> In this para, MG's saying that Fedora didn't want to buy a
>> 99-dollar-key and have it loaded into the firmware of the hardware
>> manufacturers who'd agree to do so.
>
> I read that as "there was no realistic chance that we could get *all* of
> them to carry it", and so they didn't. Tim Burke gives the same reasons.
> Aside from legal reasons (I'm not sure how UEFI and the Debian
> constitution fit) the only thing stopping Debian from getting a key is
> that not many manufacturers would use it - and it'd require resources to
> manage and maintain, something better suited to a commercial enterprise.

He made two arguments for not going the
have-the-Fedora-key-uploaded-by-OEMs way. He called the first
user-hostile because it would require having hardware-compatibility
lists because not all OEMs would be willing to upload the Fedora key.
And he called the second distribution-hostile because Fedora would
have had better success at having its key uploaded than other
distributions given Red Hat's more extensive relationships with OEMs.
There's not even a hint of sharing Fedora's key with anyone.



>>> An alternative was producing some sort of overall Linux key. It turns
>>> out that this is also difficult, since it would mean finding an entity
>>> who was willing to take responsibility for managing signing or key
>>> distribution. That means having the ability to keep the root key
>>> absolutely secure and perform adequate validation of people asking for
>>> signing. That's expensive. Like millions of dollars expensive. It would
>>> also take a lot of time to set up, and that's not really time we had.
>>> And, finally, nobody was jumping at the opportunity to volunteer. So no
>>> generic Linux key."
>>>
>>> Hardly "we don't want to share", more "we can't afford to"
>>
>> In this para, he isn't discussing a Fedora 99-dollar-key purchased
>> from Verisign, but a cross-distribution Linux key infrastructure
>> similar to the one that Microsoft's developed/developing.
>
> Two keys?
> I read it as *one* key bought (from Verisign) for $99 through the MS
> sysdev portal that will be used to sign the first stage boot loader for
> use on hardware "certified" to support Windoof 7?

Why would a 99-dollar-key cost millions?

You're thinking of a third scenario that MG hasn't described where a
"Linux Secure Boot Foundation" buys a 99-dollar-key and shares it with
all (!) distributions - I'm of course assuming here and in the previous
scenario of Fedora sharing its key that the agreement with Verisign
allows a key to be loaned out/shared - which puts us in the same
situation as the Fedora-key-sharing situation, that I posted earlier
and that you snipped from your reply, where the failure of one
distribution would result in all distributions having their one key
blacklisted.

