Hi, Am 26.06.2012 04:29, schrieb Manolo Martínez: > Just for clarification: you seem to be endorsing a model in which > organizations (linux distros?) pay Microsoft for the right to install > non-Microsoft software in PCs. Is that correct? Yeah, I see that this creeps the shit out of some of you. However can anybody come up with a better model? Again, I can't. And I definitely want to take advantage of Secure boot, so only signed code is run at some point in the future. Maybe for the sake of objectiveness we would be better of when some neutral organization would take care of that, but for the time being I can live with the fact that Microsoft is doing it. I don't expect them to be too unfair here. And I don't think that they will make that much money out of it. Furthermore they probably will have to invest some serious amount of money in order to build a robust infrastructure for this. Just compare the situation with SSL/TLS. Here you also have to invest some money (which can cost up to a couple of thousand USD when dealing with EV certificates) in order to provide your users/customers with "basic" security. Archlinux sets a good example here. Remember: You can always (by specification) turn off Secure boot, so even "small" distributions won't be ruled out. As these "small" distributions are probably used mainly by advanced users anyway, I don't see much trouble here. Personally I can totally live with the solution, which is proposed right now. I'm also willing to donate some money to Arch, when they will have struggle to come up with 100 USD for their certificate, if they choose to get one in the future. Best regards, Karol Babioch
Attachment:
signature.asc
Description: OpenPGP digital signature
