> Whether Microsoft would actually follow through on blacklisting their > own signatures is obviously an unknown - they've told us they would, but > commercial concerns etc who knows. They *will* blacklist our signatures. I think that becomes an irrelevant debate. It's going to end up being argued in a court by lawyers some day and its not software problem. One day some bright spark from MS will decide to do things like enforce patent disputes this way or commercial pressures will lead them to try and find some other excuse to do it. It's never going to be "secure", so they'll always be able to find an excuse. The functionality you have to disable is for the most part quite boring for desktop users. Server may see it differently because you cripple a lot of debugging work. OTOH many of them probably want to turn it on for production boxes. The main thing you lose are lots of module options, the ability to force addresses for things like the serial port console (otherwise I can force an address and root the kernel that way), mem=, custom ACPI tables and so on. It's the stuff that lets you get a box with crapware as firmware working that's really hit. Alan -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
