On 20/12/2022 23:11, Neal Gompa wrote:
We have supported Secure Boot for over a decade now. In that timeframe,
literally nobody did anything to make all the workflows you talk about
easier and friendlier.
Microsoft wants to limit[1] the use of non-Windows operating systems on
new hardware:
To trust and boot operating systems, like Linux, and components signed by the UEFI signature, Secured-core PCs can be configured in the BIOS menu to add the signature in the UEFI database by following these step
Users will need to go to the UEFI BIOS settings menu, find the Security
tab there, and import the Microsoft 3rd Party UEFI CA.
Lenovo already started doing that[2].
[1]:
https://learn.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process
[2]: https://www.phoronix.com/news/Lenovo-Pluton-Windows-Default
--
Sincerely,
Vitaly Zaitsev (vitaly@xxxxxxxxxxxxxx)
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
