On 09/10/2013 04:55 PM, Mimi Zohar wrote: >> >> What would the deliverables be from the hardware vendor and what tools >> would you expect them to need on their end? > > The package installer needs to not only install files, but file metadata > as well. Elena Reshetova (Intel) has already added rpm hooks to write > security xattrs. The next step, yet to be done, is to include and write > the signatures as part of the rpm install process. > That's a total non-option. There needs to be something that can be done even on a Windows box by a largely untrained release engineer if we're going to have a prayer of getting this supported. So, there is your answer why not. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html