Re: Fedora ARM and SecureBoot

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



What is Fedora ARM planning to do about the upcoming Microsoft hardware certification spec requiring Secure Boot? By the spec, there must be a way to disable it on x86, but on ARM they expressly prohibit turning it off. I guess the current Fedora/RedHat stance, as explained by Matthew Garrett, is to obtain a MS certificate covering x86 and presumably ARM kernels from Fedora, but this doesn't help respins and mods and even custom kernels---more likely on ARM because of the its relative newness and faster pace of development.

People pointed out that MS hardware requirements for ARM don't have anwhere near the market coverage/importance as in the x86 sector, so they argue that it's OK to ignore the issue. Indeed, currently majority of ARM hardware just doesn't care about MS, but Secure Boot is a reflection of the industry trend seeking more security (*) so it's conceivable that more digital signing is in ARM's future, too.

So, what is the current thinking?




(*) this is true whether one agrees with it or not, and whatever one thinks about SecureBoot technical merit.
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux