> I am curious though, is the above notion of having hardware require signed > firmware an implication brought down by UEFI? If so do you have any pointers > to where this is stipulated? Or is it just a best practice we assume some > manufacturers are implementing? It's a mix of best practice and meeting the so called 'secure boot' requirements. In the non Linux space exactly the same problems exist in terms of trusting devices and firmware, building a root of trust and even more so when producing 'hardened' platforms. Some stuff isn't - USB devices for example don't get to pee on random memory so often isn't signed. Alan -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html