On Mon, Jun 18, 2012 at 1:14 AM, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote: > On Mon, Jun 18, 2012 at 01:00:33AM -0400, Seth Johnson wrote: >> On Mon, Jun 18, 2012 at 12:58 AM, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote: >> > On Mon, Jun 18, 2012 at 12:54:56AM -0400, Seth Johnson wrote: >> > >> >> But the best thing is that a free software UEFI would let anybody put >> >> their own key as hardware root, and this would stymie the >> >> rationalizing of big shots holding root and granting signing services >> >> to their hardware. >> > >> > All UEFI implementations we're aware of will be shipping with support >> > for replacing all the secure boot keys, including Pk. UEFI itself is >> > also entirely free software, although specific implementations may not >> > be. >> >> >> Then write a better UEFI. No need for a shim. > > The machine will have a functional UEFI implementation. Why would we > want to replace it? Um, because you're not asking permission? Seth -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
