On Mon, Jun 18, 2012 at 9:56 AM, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote: > On Mon, Jun 18, 2012 at 09:43:27AM -0400, Seth Johnson wrote: >> On Mon, Jun 18, 2012 at 9:37 AM, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote: >> > Like I said before, the existing UEFI implementations on the existing >> > hardware will support "Disable Secure Boot or use your own chain of >> > trust". If you're asking for the ability to install Linux without >> > requiring signed binaries then presumably you just want a UEFI >> > implementation that doesn't enforce secure boot by default? Those exist >> > already, without needing to write a new implementation. >> >> I defer to Jay for now. It seems to me you are seeking permission >> from Microsoft or you would not be writing a shim. > > Ok so what you mean is "I want a UEFI implementation that doesn't > require a Microsoft signature to boot"? The options there are currently > (1) have a Fedora specific key (which we're not doing because it would > fragment the community) and (2) ship systems without secure boot enabled > by default. System76 (and possibly others) will be supplying systems > that provide (2), so that choice is available to you. To me. We all -- and this notably includes Red Hat -- need to work to make those other systems viable. That goes beyond my own choices. Seth -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
