*countable infinities only
greno at verizon.net
Thu May 31 22:02:28 UTC 2012
On 05/31/2012 05:47 PM, Adam Williamson wrote:
> On Thu, 2012-05-31 at 16:31 -0400, Gerry Reno wrote:
>> On 05/31/2012 04:26 PM, Gregory Maxwell wrote:
>>> On Thu, May 31, 2012 at 4:19 PM, Gerry Reno <greno at verizon.net> wrote:
>>>> And I'd rather see a User-Controlled implementation rather than a Monopoly-Controlled implementation.
>>> SecureBoot is (currently, on x86 but not arm) _also_ user-controlled.
>>> The monopoly controlled is just the default.
>> I guess what I am saying is a User-only controlled implementation. No monopoly implementation needed.
> SecureBoot itself is exactly this. It specifies a framework. It just
> says, basically, 'hey, if we sign all these bits then we have a trusted
> boot path'. It doesn't state who should sign the bits. It doesn't care.
> It's Microsoft's Windows 8 Client labelling program that implements the
> 'monopoly control'. That's the program which requires compliant hardware
> to trust the Microsoft signing key.
> If you want to Opt Out Of The Monopoly, Man all you have to do is buy
> hardware which doesn't comply with Microsoft's program and trust
> Microsoft's key. Such hardware will exist.
99.,9% of x86 hardware is probably going to comply with this monopoly label program.
Which means very limited hardware choices for those who want to opt-out.
More information about the devel