Gentoo Archives: gentoo-dev

From: Ben de Groot <yngwin@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] UEFI secure boot and Gentoo
Date: Fri, 15 Jun 2012 07:13:01
In Reply to: Re: [gentoo-dev] UEFI secure boot and Gentoo by Arun Raghavan
On 15 June 2012 13:24, Arun Raghavan <ford_prefect@g.o> wrote:
> On 15 June 2012 10:33, Ben de Groot <yngwin@g.o> wrote: >> On 15 June 2012 12:45, Arun Raghavan <ford_prefect@g.o> wrote: >>> On 15 June 2012 09:58, Greg KH <gregkh@g.o> wrote: >>>> So, anyone been thinking about this?  I have, and it's not pretty. >>>> >>>> Minor details like, "do we have a 'company' that can pay Microsoft to >>>> sign our bootloader?" is one aspect from the non-technical side that I've >>>> been wondering about. >>> >>> Sounds like something the Gentoo Foundation could do. >> >> I'm certainly not the only one who would be averse to paying Microsoft >> any ransom money. > > And our refusal to pay for the signing affects precisely nobody except > for our users, who will have to jump through an extra hoop to make > their system work. > > On the flip side, having a simple way to use this infrastructure means > that people who care about security can get a chain of trust from the > firmware to the kernel (heck, maybe even userspace one day). This is > something that is worth having as well.
I agree that security is a worthwhile goal. I just don't trust Microsoft. -- Cheers, Ben | yngwin Gentoo developer Gentoo Qt project lead


Subject Author
Re: [gentoo-dev] UEFI secure boot and Gentoo Richard Farina <sidhayn@×××××.com>