[uefi-secure-boot-guide] f18: Updated POT files (7f339aa)

sparks at fedoraproject.org sparks at fedoraproject.org
Sat Jan 5 02:25:49 UTC 2013 

Repository : http://git.fedorahosted.org/git/?p=docs/uefi-secure-boot-guide.git

On branch  : f18

>---------------------------------------------------------------

commit 7f339aad5573c0730bd0829234eca38946c01e23
Author: Eric Christensen <eric.christensen at citrix.com>
Date:   Tue Jul 24 13:09:33 2012 -0400

    Updated POT files


>---------------------------------------------------------------

 pot/Author_Group.pot                  |   24 ++++++++++++++++++-
 pot/Book_Info.pot                     |    4 +-
 pot/Implementation_of_Secure_Boot.pot |   14 ++++++++++-
 pot/Preface.pot                       |    4 +-
 pot/Revision_History.pot              |    4 +-
 pot/UEFI_Secure_Boot_Guide.pot        |    4 +-
 pot/Using_your_own_keys.pot           |    4 +-
 pot/What_is_Secure_Boot.pot           |   39 +++++++++++++++++++++++++++++++-
 8 files changed, 81 insertions(+), 16 deletions(-)

diff --git a/pot/Author_Group.pot b/pot/Author_Group.pot
index 8b8fbb3..ced7a16 100644
--- a/pot/Author_Group.pot
+++ b/pot/Author_Group.pot
@@ -4,8 +4,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: 0\n"
-"POT-Creation-Date: 2012-07-24T15:14:29\n"
-"PO-Revision-Date: 2012-07-24T15:14:29\n"
+"POT-Creation-Date: 2012-07-24T17:08:57\n"
+"PO-Revision-Date: 2012-07-24T17:08:57\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: None\n"
 "MIME-Version: 1.0\n"
@@ -32,3 +32,23 @@ msgstr ""
 msgid "Documentation Project"
 msgstr ""
 
+#. Tag: firstname
+#, no-c-format
+msgid "Kevin"
+msgstr ""
+
+#. Tag: surname
+#, no-c-format
+msgid "Fenzi"
+msgstr ""
+
+#. Tag: firstname
+#, no-c-format
+msgid "Peter"
+msgstr ""
+
+#. Tag: surname
+#, no-c-format
+msgid "Jones"
+msgstr ""
+
diff --git a/pot/Book_Info.pot b/pot/Book_Info.pot
index 01bb6fd..cbfe675 100644
--- a/pot/Book_Info.pot
+++ b/pot/Book_Info.pot
@@ -4,8 +4,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: 0\n"
-"POT-Creation-Date: 2012-07-24T15:14:29\n"
-"PO-Revision-Date: 2012-07-24T15:14:29\n"
+"POT-Creation-Date: 2012-07-24T17:08:57\n"
+"PO-Revision-Date: 2012-07-24T17:08:57\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: None\n"
 "MIME-Version: 1.0\n"
diff --git a/pot/Implementation_of_Secure_Boot.pot b/pot/Implementation_of_Secure_Boot.pot
index dfed651..ccce9ad 100644
--- a/pot/Implementation_of_Secure_Boot.pot
+++ b/pot/Implementation_of_Secure_Boot.pot
@@ -4,8 +4,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: 0\n"
-"POT-Creation-Date: 2012-07-24T15:14:29\n"
-"PO-Revision-Date: 2012-07-24T15:14:29\n"
+"POT-Creation-Date: 2012-07-24T17:08:57\n"
+"PO-Revision-Date: 2012-07-24T17:08:57\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: None\n"
 "MIME-Version: 1.0\n"
@@ -17,3 +17,13 @@ msgstr ""
 msgid "&PRODUCT;'s Implementation of UEFI Secure Boot"
 msgstr ""
 
+#. Tag: para
+#, no-c-format
+msgid "Systems with UEFI Secure Boot enabled will ship with a set of vendor-determined keys installed in the firmware. These keys include the ability to boot from binaries signed by the signing service hosted by Microsoft. This feature includes simultaneous support for two methods of booting under this scheme. Under the first scheme, Fedora will utilize the signing service hosted by Microsoft. Under the second, a site will create their own keys and deploy them in system firmware, and will do their own signing of binaries with it. In both schemes, shim, grub2, and the kernel will detect that they are started in what UEFI describes as \"User mode\" with Secure Boot enabled, and upon detecting this they will validate the next stage with a Fedora-specific cryptographic public key before starting it. Additionally, grub2 will operate with similar restrictions as it would if you had set a supervisory password in your configuration. Once the kernel is booted, it will also detect tha
 t it is in Secure Boot mode, which will cause several things to be true: it will validate the boot command line to only allow certain kernel settings, it will check loaded modules for signatures and refuse to load them if they are unsigned, and it will refuse any operations from userland which cause userland-defined DMA."
+msgstr ""
+
+#. Tag: para
+#, no-c-format
+msgid "Under this scheme, the signing service will be used to sign a first-stage bootloader, <ulink url=\"https://github.com/mjg59/shim\">shim</ulink>, which holds a Fedora-specific public key. shim will then validate against the Fedora-defined key referenced above."
+msgstr ""
+
diff --git a/pot/Preface.pot b/pot/Preface.pot
index cc2fde4..aa469f3 100644
--- a/pot/Preface.pot
+++ b/pot/Preface.pot
@@ -4,8 +4,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: 0\n"
-"POT-Creation-Date: 2012-07-24T15:14:29\n"
-"PO-Revision-Date: 2012-07-24T15:14:29\n"
+"POT-Creation-Date: 2012-07-24T17:08:57\n"
+"PO-Revision-Date: 2012-07-24T17:08:57\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: None\n"
 "MIME-Version: 1.0\n"
diff --git a/pot/Revision_History.pot b/pot/Revision_History.pot
index b069f0f..d16f26a 100644
--- a/pot/Revision_History.pot
+++ b/pot/Revision_History.pot
@@ -4,8 +4,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: 0\n"
-"POT-Creation-Date: 2012-07-24T15:14:29\n"
-"PO-Revision-Date: 2012-07-24T15:14:29\n"
+"POT-Creation-Date: 2012-07-24T17:08:57\n"
+"PO-Revision-Date: 2012-07-24T17:08:57\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: None\n"
 "MIME-Version: 1.0\n"
diff --git a/pot/UEFI_Secure_Boot_Guide.pot b/pot/UEFI_Secure_Boot_Guide.pot
index 381a4cc..a694bb9 100644
--- a/pot/UEFI_Secure_Boot_Guide.pot
+++ b/pot/UEFI_Secure_Boot_Guide.pot
@@ -4,8 +4,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: 0\n"
-"POT-Creation-Date: 2012-07-24T15:14:29\n"
-"PO-Revision-Date: 2012-07-24T15:14:29\n"
+"POT-Creation-Date: 2012-07-24T17:08:57\n"
+"PO-Revision-Date: 2012-07-24T17:08:57\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: None\n"
 "MIME-Version: 1.0\n"
diff --git a/pot/Using_your_own_keys.pot b/pot/Using_your_own_keys.pot
index 9523959..fbace70 100644
--- a/pot/Using_your_own_keys.pot
+++ b/pot/Using_your_own_keys.pot
@@ -4,8 +4,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: 0\n"
-"POT-Creation-Date: 2012-07-24T15:14:29\n"
-"PO-Revision-Date: 2012-07-24T15:14:29\n"
+"POT-Creation-Date: 2012-07-24T17:08:57\n"
+"PO-Revision-Date: 2012-07-24T17:08:57\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: None\n"
 "MIME-Version: 1.0\n"
diff --git a/pot/What_is_Secure_Boot.pot b/pot/What_is_Secure_Boot.pot
index 225a072..89c9125 100644
--- a/pot/What_is_Secure_Boot.pot
+++ b/pot/What_is_Secure_Boot.pot
@@ -4,8 +4,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: 0\n"
-"POT-Creation-Date: 2012-07-24T15:14:29\n"
-"PO-Revision-Date: 2012-07-24T15:14:29\n"
+"POT-Creation-Date: 2012-07-24T17:08:57\n"
+"PO-Revision-Date: 2012-07-24T17:08:57\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: None\n"
 "MIME-Version: 1.0\n"
@@ -17,3 +17,38 @@ msgstr ""
 msgid "What is UEFI Secure Boot?"
 msgstr ""
 
+#. Tag: para
+#, no-c-format
+msgid "Secure boot is a setup using UEFI firmware to check cryptographic signatures on the bootloader and associated OS kernel to ensure they have not been tampered with or bypassed in the boot process. With the planned release of Windows 8, Microsoft has decided that all hardware that is marked \"Windows 8 client ready\" should:"
+msgstr ""
+
+#. Tag: member
+#, no-c-format
+msgid "Have secure boot enabled by default."
+msgstr ""
+
+#. Tag: member
+#, no-c-format
+msgid "Allow a physically present user to disable secure boot in the firmware interface."
+msgstr ""
+
+#. Tag: member
+#, no-c-format
+msgid "Ship the Microsoft keys in firmware."
+msgstr ""
+
+#. Tag: member
+#, no-c-format
+msgid "Allow a physically present user to enroll their own keys in the firmware interface."
+msgstr ""
+
+#. Tag: para
+#, no-c-format
+msgid "This means that Fedora as it stands booted on such hardware will refuse to boot until the user disables secure boot in the firmware."
+msgstr ""
+
+#. Tag: para
+#, no-c-format
+msgid "Maintainers of the grub2, kernel and associated packages have proposed a plan where by Fedora will have Verisign (via Microsoft) sign a bootloader shim that will in turn boot grub2 (signed by a Fedora key) and the Fedora kernel (signed by a Fedora key) to allow out of the box booting on secure boot enabled hardware. Additionally, they will provide tools and information for users to create their own keys and sign their own copy of boot shim and grub2 and kernel (and whatever else they wish to sign). This plan has been approved by the Fedora Engineering Steering Committee as of 23-Jul-2012."
+msgstr ""
+

More information about the docs-commits mailing list