Re: the ghost of UEFI and Micr0$0ft

To: debian <debian-user@lists.debian.org>
Subject: Re: the ghost of UEFI and Micr0$0ft
From: "Christofer C. Bell" <christofer.c.bell@gmail.com>
Date: Fri, 8 Jun 2012 10:56:49 -0500
Message-id: <[🔎] CAOEVnYtLsVK=M0q9o-iF0XMXQWK2uV497QKz_NBfgK5JFFgsOA@mail.gmail.com>
In-reply-to: <[🔎] 1339127003.4075.26.camel@precise>
References: <[🔎] 4FCEDA0B.8050601@gmail.com> <[🔎] CAOdo=SwSzVmtasgxYwmYhqAEmCWeeyV_Ew_4tG8S7rCq3zkjWg@mail.gmail.com> <[🔎] 4FCF2BB8.9070909@gmail.com> <[🔎] CAOdo=SyALgri4pLTfNivZhDR+LKDPo0jrhnjvwxzq+DtM=KmVg@mail.gmail.com> <[🔎] 4FCF4386.2000508@lboro.ac.uk> <[🔎] CAOdo=Sw2vLgdXGVCKk50c8ajQM-xSnZzCznZA=9BBowLdFJuCg@mail.gmail.com> <[🔎] 20120606194627.GF15644@codelibre.net> <[🔎] CAOdo=Sxyhj7vZNPftPBhtQh4d_4iT7FSc=VTrPFwwO4+ihdveg@mail.gmail.com> <[🔎] 1339070920.3331.47.camel@precise> <[🔎] CAOdo=SxFkz5UHT28hyVxd4Xx8QQLy_y2i1b7s9okew=2uiL8fQ@mail.gmail.com> <[🔎] 20120607223404.GQ15644@codelibre.net> <[🔎] CAOEVnYt4i+=7-=kWtevjc5hAdMDbvnPOcAM==1QhaG6x5wA3Ew@mail.gmail.com> <[🔎] 1339127003.4075.26.camel@precise>

On Thu, Jun 7, 2012 at 10:43 PM, Ralf Mardorf
<ralf.mardorf@alice-dsl.net> wrote:
> On Thu, 2012-06-07 at 21:36 -0500, Christofer C. Bell wrote:
>> This "new world" doesn't tie you to Microsoft or any other company.
>
> You're mistaken, it does and it does it in a way I don't like it.
> As soon as Apple or Microsoft are involved in such things, a healthy
> suspicion can't harm.

No, it doesn't.  When you build your own kernel, you become the
maintainer of it, the distributor of it, the "vendor" of it, if you
will.  You're able to generate your own signing key to sign your
kernel, just as Microsoft or Apple is free to generate their keys and
sign the software *they* are custodians of.  You are not beholden to
Microsoft to obtain keys for your Linux kernel -- it's up to you to
handle the management of *your* keys for *your* kernel.

> Perhaps Linux keys sold by Microsoft will be blacklisted, because of US
> laws, such as the prohibition to share hardware and software with some
> countries the US government doesn't like.

They're not "Linux keys sold by Microsoft" they're "UEFI secure boot
signing keys sold by Microsoft" and one Linux distributor has
purchased one to use.  Fedora also has the option (as does Debian) to
generate their own signing key to use and then provide users with
instructions on how to integrate that key into their system.

-- 
Chris

Reply to:

References:
- Re: the ghost of UEFI and Micr0$0ft
  - From: Scott Ferguson <scott.ferguson.debian.user@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Tom H <tomh0665@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Scott Ferguson <scott.ferguson.debian.user@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Tom H <tomh0665@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Laurence Hurst <L.A.Hurst@lboro.ac.uk>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Tom H <tomh0665@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Roger Leigh <rleigh@codelibre.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Tom H <tomh0665@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Tom H <tomh0665@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Roger Leigh <rleigh@codelibre.net>
- Re: the ghost of UEFI and Micr0$0ft
  - From: "Christofer C. Bell" <christofer.c.bell@gmail.com>
- Re: the ghost of UEFI and Micr0$0ft
  - From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>

Prev by Date: Re: Problem setting up a subdomain
Next by Date: Re: the ghost of UEFI and Micr0$0ft
Previous by thread: Re: the ghost of UEFI and Micr0$0ft
Next by thread: Re: the ghost of UEFI and Micr0$0ft
Index(es):
- Date
- Thread