On Mon, Jun 18, 2012 at 9:37 AM, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote: > On Mon, Jun 18, 2012 at 09:26:23AM -0400, Seth Johnson wrote: >> On Mon, Jun 18, 2012 at 8:59 AM, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote: >> > You're still not making it clear what you want. Hardware without secure >> > boot? Hardware with secure boot but a different default policy? Hardware >> > with free firmware that may or may not have secure boot enabled by >> > default? >> >> Write a new UEFI. No need for a shim. Peter stated what the free >> software UEFI on its own hardware should support: "disable Secure Boot >> or use your own chain of trust." Plus, because you appear to be >> motivated to buy a shim for this reason, write the UEFI so it does not >> make it scary to install in any configuration you use as the empowered >> owner of the device. > > Like I said before, the existing UEFI implementations on the existing > hardware will support "Disable Secure Boot or use your own chain of > trust". If you're asking for the ability to install Linux without > requiring signed binaries then presumably you just want a UEFI > implementation that doesn't enforce secure boot by default? Those exist > already, without needing to write a new implementation. I defer to Jay for now. It seems to me you are seeking permission from Microsoft or you would not be writing a shim. Seth -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
