Fedora ARM and SecureBoot

Adam Jackson ajax at redhat.com
Fri Jun 8 15:24:16 UTC 2012

On Thu, 2012-06-07 at 15:16 -0500, Chris Adams wrote:
> Once upon a time, Adam Jackson <ajax at redhat.com> said:
> > If there are ARM machines where UEFI and Secure Boot are available,
> > we're going to have tools to do your own trust database management
> > anyway, so why would supporting them be any different from doing the
> > same on x86?
> For Windows 8 certification on ARM, Microsoft is going to require UEFI
> with Secure Boot enabled _and_ no method for users to disable Secure
> Boot or enroll their own keys (the opposite of x86 where they require a
> disable method and custom key enrollment support).

And?  I wasn't speaking to "we should sign our arm images with
Microsoft's key", I was speaking to "we should support Secure Boot on
arm".  If someone wants to build an arm machine with SB support capable
of running non-Windows operating systems, why would we not want to run
there, and why would enabling that look any different from self-signing
an x86 machine?

- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20120608/e6f07641/attachment.sig>

More information about the devel mailing list