*countable infinities only
jays at panix.com
Mon Jun 18 15:45:45 UTC 2012
> On Mon, 18 Jun 2012, Peter Jones <pjones at redhat.com> wrote:
> > On 06/18/2012 11:03 AM, Jay Sulzberger wrote:
> >>> Microsoft has not refused to grant Fedora a key for ARM.
> >> This I do not understand. By reports in the admittedly
> >> incompetent magazines dealing with home computers, Microsoft's
> >> policy is to keep Fedora, and any other OSes, except for
> >> Microsoft OSes, off all Microsoft Certified ARM devices.
> >> Perhaps you mean that Fedora has not asked Microsoft for a signing key.
> > Signing on ARM would use the same key and signing service as x86. We have
> > chosen not to pursue this usage due to the inability to disable Secure Boot
> > or install your own chain of trust on ARM given the rules they've put
> > forward.
> >> Further questions ad ARM: According to Microsoft, can, in future,
> >> "SecureBoot" be disabled on Microsoft Certified ARM devices?
> > On ARM client devices, no, the current requirements do not allow you to
> > disable Secure Boot. I don't think the behavior on server hardware is
> > specified yet whatsoever.
> >> Will the person who walks out of the store with a Microsoft
> >> Certified ARM device be able to put their own signing key in?
> >> What about the PK?
> > No, not either.
> > --
> > Peter
Thanks very much Peter.
I am sorry not to have in hand today a proper exposition of my
position. Heaven forwarding, I will get one out soon.
More information about the devel