Gentoo Archives: gentoo-dev

From: "Michał Górny" <mgorny@g.o>
To: gentoo-dev@l.g.o
Cc: gregkh@g.o
Subject: Re: [gentoo-dev] UEFI secure boot and Gentoo
Date: Fri, 15 Jun 2012 07:25:48
Message-Id: 20120615092607.68e5ddf0@pomiocik.lan
In Reply to: Re: [gentoo-dev] UEFI secure boot and Gentoo by Greg KH
On Thu, 14 Jun 2012 21:56:04 -0700
Greg KH <gregkh@g.o> wrote:

> On Fri, Jun 15, 2012 at 10:15:28AM +0530, Arun Raghavan wrote: > > On 15 June 2012 09:58, Greg KH <gregkh@g.o> wrote: > > > So, anyone been thinking about this?  I have, and it's not pretty. > > > > > > Should I worry about this and how it affects Gentoo, or not worry > > > about Gentoo right now and just focus on the other issues? > > > > I think it at least makes sense to talk about it, and work out what > > we can and cannot do. > > > > I guess we're in an especially bad position since everybody builds > > their own bootloader. Is there /any/ viable solution that allows > > people to continue doing this short of distributing a first-stage > > bootloader blob? > > Distributing a first-stage bootloader blob, that is signed by > Microsoft, or someone, seems to be the only way to easily handle this.
Maybe we could get one such a blob for all distros/systems? Also, does this signature system have any restrictions on what is signed and what is not? In other words, will they actually sign a blob saying 'work-around signatures' on the top? -- Best regards, Michał Górny

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-dev] UEFI secure boot and Gentoo gregkh@g.o
Re: [gentoo-dev] UEFI secure boot and Gentoo Florian Philipp <lists@×××××××××××.net>