[arch-general] Secure Boot Support

Pierre Schmitz pierre at archlinux.de
Wed Dec 5 10:23:27 EST 2012

Am 05.12.2012 10:36, schrieb Thomas Bächler:
> We don't understand what to do here at all. That's why we the developer
> who will be packaging these things needs access to such a machine
> himself. I'd really have fun figuring this out, but I currently don't
> want to spend money on a new computer.

I don't plan to buy such a mainboard in the near future either. but in
general I would prefer to create our own keys and let the user import
those into the firmware. This way we would not depend on prebuild boot
loaders signed by Microsoft or anybody else. Security-wise this would
also be much saner.

But Thomas is right: this has to be implemented and tested by those who
own such hardware; which at this time we don't.



Pierre Schmitz, https://pierre-schmitz.com

More information about the arch-general mailing list