List Archive: gentoo-dev
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On 15 June 2012 10:33, Ben de Groot <email@example.com> wrote:
> On 15 June 2012 12:45, Arun Raghavan <firstname.lastname@example.org> wrote:
>> On 15 June 2012 09:58, Greg KH <email@example.com> wrote:
>>> So, anyone been thinking about this? I have, and it's not pretty.
>>> Minor details like, "do we have a 'company' that can pay Microsoft to
>>> sign our bootloader?" is one aspect from the non-technical side that I've
>>> been wondering about.
>> Sounds like something the Gentoo Foundation could do.
> I'm certainly not the only one who would be averse to paying Microsoft
> any ransom money.
And our refusal to pay for the signing affects precisely nobody except
for our users, who will have to jump through an extra hoop to make
their system work.
On the flip side, having a simple way to use this infrastructure means
that people who care about security can get a chain of trust from the
firmware to the kernel (heck, maybe even userspace one day). This is
something that is worth having as well.
(Ford_Prefect | Gentoo) & (arunsr | GNOME)