On Fri, 1 Jun 2012 12:21:36 +0200 Michael scherer <misc@xxxxxxxx> wrote: > On Thu, May 31, 2012 at 01:55:35PM -0500, Chris Adams wrote: > > Once upon a time, Peter Jones <pjones@xxxxxxxxxx> said: > > > That's why we didn't simply ask vendors to ship our key. That > > > would be /less/ equitable to other distributions than the > > > solution we're looking at right now. > > > > Has any thought been given to setting up group between various Open > > Source distributions (Linux, BSD) to be a Secure Boot signer (with > > security-oriented rules about what gets signed, probably similar to > > whatever Microsoft is using today) and then getting vendors to > > include the master key along site Microsoft's? > > The last attempt to do something similar I can think of would be > cacert. Afaik, they are still being audited to be added to Firefox, > and i think they would be happy to explain all the issues they faced > on that road. Well, I'm a bit skeptical there, since they can't even license their ca stuff such that Fedora can actually distribute it. ;( kevin
Attachment:
signature.asc
Description: PGP signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
