]] Hanno 'Rince' Wagner > Hi everbody, > > On Sun, 24 Apr 2022, Tollef Fog Heen wrote: > > > I don't think we have docs for running with a different root of trust > > than MS'. To be honest, I'm not sure we even _should_ have a lot of docs > > around it, since the general brittleness of the boot process, UEFI and > > friends might very well lead to more systems being broken when people > > discover the docs and run with the instructions without understanding > > the implications. > > I am a very firm believer of giving people as much information as > possible while being responsible. Meaning, that I would love to have > that documentation - including a big warning sign which sais "if you > follow this path, you may brick your machine and this is your problem, > not ours". If someone is interested to learn _how_ the security is > done and implemented, why should this be unavailable?
Sadly, warnings generally don't work because people will ignore them and break their systems and then blame the people writing the documentation, causing load and grief on people were trying to be helpful by writing the docs. I don't think we should invest a lot into writing the docs required because we can use that effort elsewhere. Documentation requires maintenance, just like everything else and if it's rarely used, we get little value out of that effort. If somebody is very eager to write and maintain that documentation over time, by all means, but we haven't seen anyone step up to do so. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are
