[Mageia-dev] Mageia 3 feature proposals review

[Olav Vitters]

On Wed, Jun 27, 2012 at 08:35:35AM +0200, AL13N wrote:
> I thought they were planning on signing all the stuff after grub2 as well?
> 
> I have no trouble having signed bootloader. but i would prefer it to be from a 
> completely free CA. ie: NOT from microsoft.

Then you need to convince all the hardware manufacturers to put your key
in their hardware, as explained in the blogpost. Seems really unlikely
to happen.

> above signing from microsoft, I would even prefer to have a documentation that 
> requests to disable Secure Boot, then generate your own key and adding that, 
> and then setting up Secure Boot again, with your own personal signed stuff.

Thought disabling secure boot means first booting?

> of course, if there was an independant org that had it's CA in all hardware, 
> and signed all free OSes, that would be alot better.

There is none.

-- 
Regards,
Olav