*countable infinities only

Peter Jones pjones at redhat.com
Sat Jun 2 14:10:58 UTC 2012

On 06/01/2012 07:56 PM, Kevin Kofler wrote:
> Peter Jones wrote:
>> We don't know what all firmwares' UI's will look like, and it's possible -
>> even somewhat reasonable - that instead of "enable secure boot [X]" some
>> vendors would implement it, for example, as "[remove trusted key]" or
>> possibly a combo box with options ["user mode", "setup mode", "custom
>> mode"]. Those are all examples that are relatively likely.
> We'll just have to wait for it and provide according instructions when it
> happens.

Agreed. And again - I do think there's value in documenting how to disable
secure boot, and how to enable it with your own keys. That's been part of
the plan all along. That's one reason I've been writing tools for the latter
part - https://github.com/vathpela/pesign .

But I also think it's important for our distro to work out of the box on
new computers without having to do that. If we don't have that, people will
simply walk away.

>> To say nothing of what apple would implement if they decide to ship SB
>> (though they don't use the windows 8 logo, so there's every chance they'd
>> ship their own keys, ship with no way to turn it off, or both.)
> In that case, your plan relying on M$'s key might not be of any more help
> for Apple machines than mine.

Yes, that was my point.


More information about the devel mailing list