1 |
On Thu, 14 Jun 2012 21:56:04 -0700 |
2 |
Greg KH <gregkh@g.o> wrote: |
3 |
|
4 |
> On Fri, Jun 15, 2012 at 10:15:28AM +0530, Arun Raghavan wrote: |
5 |
> > On 15 June 2012 09:58, Greg KH <gregkh@g.o> wrote: |
6 |
> > > So, anyone been thinking about this? I have, and it's not pretty. |
7 |
> > > |
8 |
> > > Should I worry about this and how it affects Gentoo, or not worry |
9 |
> > > about Gentoo right now and just focus on the other issues? |
10 |
> > |
11 |
> > I think it at least makes sense to talk about it, and work out what |
12 |
> > we can and cannot do. |
13 |
> > |
14 |
> > I guess we're in an especially bad position since everybody builds |
15 |
> > their own bootloader. Is there /any/ viable solution that allows |
16 |
> > people to continue doing this short of distributing a first-stage |
17 |
> > bootloader blob? |
18 |
> |
19 |
> Distributing a first-stage bootloader blob, that is signed by |
20 |
> Microsoft, or someone, seems to be the only way to easily handle this. |
21 |
|
22 |
Maybe we could get one such a blob for all distros/systems? |
23 |
|
24 |
Also, does this signature system have any restrictions on what is |
25 |
signed and what is not? In other words, will they actually sign a blob |
26 |
saying 'work-around signatures' on the top? |
27 |
|
28 |
-- |
29 |
Best regards, |
30 |
Michał Górny |