Am 25.06.2012 18:37, schrieb Kevin Chadwick:
If I understand it right, in Setup Mode, you can either boot any non-signed operating system, or you can import your own keys into the firmware, so that you can sign your own bootloaders. For me, this is enough to not care about Secure Boot.
I didn't know key replacement was a requirement for MS certification. That's better than I thought, however.
You can only have one key and so it's a barrier to competition via preventing trying out other OS's on a whim!!. To multiboot you have to pay and spend a lot of time. Having authorisation to disable it completely but not import multiple keys simply doesn't make sense.
I don't think so. I need to verify this, but if I remember right, you can simply sign Microsoft's key so Windows 8 is also trusted by your own key.