Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Fighting UEFI



On 07/29/2012 01:03 PM, Richard Pieri wrote:
> On 7/29/2012 8:11 AM, Jerry Feldman wrote:
>> So far RedHat is the only Linux vendor that has signed an agreement with
>> Microsoft so that Fedora 18 will install out of the box. (A discussion
>> hs at http://mjg59.dreamwidth.org/12368.html).
>
> Canonical has a proposal for using Intel's efilinux loader, which is
> signed, to chain-load an unsigned secondary loader like GRUB2 or an
> unsigned kernel image:
> https://lists.ubuntu.com/archives/ubuntu-devel/2012-June/035445.html
>
> I like Canonical's approach.  It retains all of the benefits of the
> Secure Boot environment if you want them.  It provides a simple
> workaround in case an OEM mistakenly ships a computer that can't have
> Secure Boot disabled (and this *is* a mistake on x86 according to
> Microsoft's Windows 8 sticker requirements).  It lets you boot your
> own custom kernels and load binary blob drivers as desired without
> requiring a signing key of your own.  It doesn't compromise the key
> infrastructure.  Wins all around.
>
I think their approach is workable also.

-- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90 
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66  C0AF 7CEA 30FC 3BC1 EB90





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org