On 6/19/22 22:54, Sharpened Blade via devel wrote:
Use unified kernel images by default for new releases. This can allow
for the local installation to sign the kernel and the initrd, so the boot chain can be
verified until after the uefi.
How big is the demand for this kind of lockdown?
As a since-last-century Linux user, I'm choosing Fedora
exactly to NOT have all this signing/trusted boot
complications on my systems and I do not see a reason
to turn Fedora into Android (or, worse, iOS).
Regards.
--
Roberto Ragusa mail at robertoragusa.it