Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-dev
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-dev@g.o
From: Luca Barbato <lu_zero@g.o>
Subject: Re: UEFI secure boot and Gentoo
Date: Fri, 15 Jun 2012 14:22:13 +0200
On 06/15/2012 12:14 PM, Rich Freeman wrote:
> 5.  If somebody (perhaps under the umbrella of hardened) wanted to
> create a Gentoo project around a fully trusted Gentoo I'd be
> completely supportive of that.  It would take work.  In the spirit of
> Gentoo we should allow anybody to build their own signed with their
> own key, and perhaps we might have an official Gentoo-certified one
> that we would sign and the Foundation would obtain the necessary UEFI
> keys.  However, that should be viewed as more of a service, and not a
> core offering - Gentoo will never depend on a piece of non-free
> software or metadata (and I'd probably lump a signing key into that
> category).  The same tools (minus the private keys) used to generate
> any secure offering made by Gentoo should be available for users to
> use and sign their own systems.

If we want to try to get serious on 5, we could try to gather the
hardened/security people across distributions and setup the whole chain
to be parallel and cut deals with OEM to store this trust-chain keys
along with MS.

lu


-- 

Luca Barbato
Gentoo/linux
http://dev.gentoo.org/~lu_zero



Replies:
Re: UEFI secure boot and Gentoo
-- Rich Freeman
References:
UEFI secure boot and Gentoo
-- Greg KH
Re: UEFI secure boot and Gentoo
-- Rich Freeman
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: UEFI secure boot and Gentoo
Next by thread:
Re: UEFI secure boot and Gentoo
Previous by date:
Re: UEFI secure boot and Gentoo
Next by date:
Re: ebuild laziness and binpkg overhead


Updated Jun 29, 2012

Summary: Archive of the gentoo-dev mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.