On Mon, Jun 25, 2012 at 1:56 PM, Peter Jones <pjones@xxxxxxxxxx> wrote: > I feel like this is quite patronizing. We've stated time and again that we > don't believe the scenario you're preaching has any real /viability/, and Sounds like you're not arguing with me, you're arguing with Canonical. I didn't propose this, the only stuff I proposed fit within the invariants you set out: That the rules of the game required you to restrict the system thusly if Fedora was to boot at all. I was under the impression that you couldn't get a key like that signed in the first place. But what do I know, it seems like the experts at canonical don't agree and are going to try several other routes concurrently. Canonical seems to be giving this a higher level of organizational attention[1], vs pure decision making by the engineering guys deep in the trenches. Obviously this has system implications far beyond a bit of bootloader code. And as a result it appears that they have a plan which will make a better stand for software freedom while simultaneously satisfying the PR interest of "not capitulating to Microsoft", for whatever value that has. > so we've chosen not to propose it. There's no secret here - it's possible > to do, but we don't think it'd last very long before our keys are I'm looking for a message where anyone said "we could do this, but we expect our keys would eventually be blacklisted" can you help me out? I think I'd have said "well, you should do that then, put the ball in Microsoft's court" ::shrugs:: [1] http://blog.canonical.com/2012/06/22/an-update-on-ubuntu-and-secure-boot/ -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
