Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-dev
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-dev@g.o
From: Florian Philipp <lists@...>
Subject: Re: Re: UEFI secure boot and Gentoo
Date: Sun, 17 Jun 2012 19:28:58 +0200
Am 17.06.2012 19:06, schrieb Michał Górny:
> On Sun, 17 Jun 2012 09:55:35 -0700
> Greg KH <gregkh@g.o> wrote:
> 
>> On Sun, Jun 17, 2012 at 05:51:04PM +0200, Michał Górny wrote:
[...]
> 
>>> 3. What happens if the machine signing the blobs is compromised?
>>
>> So, who's watching the watchers, right?  Come on, this is getting
>> looney.
> 
> I'm just pointing out that this simply relies on trusting people. Much
> like not having those signatures.
> 

If you are so much worried about it, UEFI allows you to remove all keys
and just add your own. That way, only code signed by you will be executed.

And in the standard case, well, it is just as good (or bad) as the SSL
certificate business. It's not a perfect system but it is better than
having everyone using self-signed certificates or none at all.

Regards,
Florian Philipp

Attachment:
signature.asc (OpenPGP digital signature)
References:
UEFI secure boot and Gentoo
-- Greg KH
Re: UEFI secure boot and Gentoo
-- Duncan
Re: Re: UEFI secure boot and Gentoo
-- Florian Philipp
Re: Re: UEFI secure boot and Gentoo
-- Michał Górny
Re: Re: UEFI secure boot and Gentoo
-- Florian Philipp
Re: Re: UEFI secure boot and Gentoo
-- Michał Górny
Re: Re: UEFI secure boot and Gentoo
-- Greg KH
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Re: UEFI secure boot and Gentoo
Next by thread:
Re: Re: UEFI secure boot and Gentoo
Previous by date:
Re: Re: UEFI secure boot and Gentoo
Next by date:
Re: Re: UEFI secure boot and Gentoo


Updated Jun 29, 2012

Summary: Archive of the gentoo-dev mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.