*countable infinities only

[Adam Jackson]

On Mon, 2012-06-25 at 14:10 -0400, Gregory Maxwell wrote:
> On Mon, Jun 25, 2012 at 1:56 PM, Peter Jones <pjones at redhat.com> wrote:
> > I feel like this is quite patronizing.  We've stated time and again that we
> > don't believe the scenario you're preaching has any real /viability/, and
> 
> Sounds like you're not arguing with me, you're arguing with Canonical.

That's disingenuous.  You were the one that brought it up here, it's
entirely fair to respond to you.

> I didn't propose this, the only stuff I proposed fit within the
> invariants you set out: That the rules of the game required you to
> restrict the system thusly if Fedora was to boot at all.

The constraint is not "to boot at all", it's "to boot without needing to
reconfigure SB".

> And as a result it appears that they have a plan
> which will make a better stand for software freedom while
> simultaneously satisfying the PR interest of "not capitulating to
> Microsoft", for whatever value that has.

Calculon: And you say you can guarantee me an Oscar?
Bender: I can guarantee you anything you want!

> > so we've chosen not to propose it.  There's no secret here - it's possible
> > to do, but we don't think it'd last very long before our keys are
> 
> I'm looking for a message where anyone said "we could do this, but we
> expect our keys would eventually be blacklisted" can you help me out?

I really feel you're being intentionally dense.  Revocation of the
ability to execute known malware vectors is the entire point of the
Secure Boot exercise.  If the signing authority wasn't willing to issue
revocations, they'd be failing at their own stated goal.

- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20120625/226e9ae1/attachment.sig>