List Archive: gentoo-dev
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On 2012-06-15 7:56 AM, Greg KH wrote:
> Distributing a first-stage bootloader blob, that is signed by Microsoft,
> or someone, seems to be the only way to easily handle this.
Other distros haven't decided yet afaik although there have been some
> Also, some people might really want to sign their own bootloader and
> kernel, and kernel modules (myself included)
Yes, that is the goal we should try to achieve, i.e. to give the option
to our users to sign all the way to userland.
> Oh, and on the first-stage bootloader front, I already know of 2 simple,
> and open source, examples that will work for Linux, so getting something
> like that signed might not be very tough. It's the "where does the
> chain-of-trust stop" question that gets tricky...
Exactly. Do you have any concrete proposals?
Eray Aslan <email@example.com>