At Tue, 6 Nov 2012 09:20:19 +0000, Alan Cox wrote: > > > But how would distro sign modules that are built externally? > > It should be the pretty same situation. > > I would start with the "would" and lawyers and liability and then stop > worrying about the how. Absent someone actually intending to do it and > saying so. Well, what I meant for external built modules are not about things like nvidia, but rather normal (legal) drivers or updated modules that are built from out-of-kernel source. I'm sure that distros will provide such update module packages on the secure boot system, too. So, discussing about "how" isn't so bad even for now, since this shall be anyway mandatory (for distros) once when the module signing is deployed. Takashi -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html