On Thu, Jun 07, 2012 at 01:14:57PM -0400, Przemek Klosowski wrote:
What is Fedora ARM planning to do about the upcoming Microsoft hardware certification spec requiring Secure Boot? By the spec, there must be a way to disable it on x86, but on ARM they expressly prohibit turning it off. I guess the current Fedora/RedHat stance, as explained by Matthew Garrett, is to obtain a MS certificate covering x86 and presumably ARM kernels from Fedora, but this doesn't help respins and mods and even custom kernels---more likely on ARM because of the its relative newness and faster pace of development.
I (personally) have no desire to support scenarios where it's impossible for the user to install their own keys, so I have no intention of working on this. It's technically possible, but I think it's incompatible with Fedora's goals.