On Wed, Jun 6, 2012 at 7:48 AM, Laurence Hurst <[email protected]> wrote: > On 06/06/2012 11:47, Tom H wrote: >> >> Nowhere is the proposed Fedora 99-dollar-key being offered to other >> distributions. Since it only costs USD 99 it wouldn't make sense for >> Debian, for example, not to get its own rather than use Fedora's. And >> Fedora wouldn't want to take the risk of loaning its key to Debian, >> having the latter screwing up, and having Fedora's key being >> blacklisted. >> > > Fedora have also signed the entire chain from their shim bootloader (with > the 99USD key), grub, kernel and kernel modules (latter 3 with Fedora's own > key/chain-of-trust). Even if they were willing to take the risk of sharing, > I don't think they would with anyone who wasn't willing to sign their own > entire boot-chain down to the kernel module level. I think it would be very > bad for the principals of free (as in freedom) software if Debian went down > the same route creating a walled-garden for the entire boot chain through to > the kernel modules on secure-boot enabled systems.
What's non-free about signing the "boot-chain"? -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/CAOdo=Sw2vLgdXGVCKk50c8ajQM-xSnZzCznZA=9bbowldfj...@mail.gmail.com
