On 20/12/2022 22:27, Simo Sorce wrote:
SecureBoot may not be to your liking but is what is installed on 99% of
modern hardware sold, so it is a good idea to first show you can
support it. Then if you have interested you can propose "something
better".
Secure Boot with shim and the use of a Microsoft key defeats all purpose
of the __Secure__ Boot.
Also new computers will be able to boot only Microsoft Windows as
described here[1]:
Secured-core PCs require Secure Boot to be enabled and configured to distrust
the Microsoft 3rd Party UEFI CA signature, by default, to provide customers
with the most secure configuration of their PCs possible.
To trust and boot operating systems, like Linux, and components signed by the
UEFI signature, Secured-core PCs can be configured in the BIOS menu to add the
signature in the UEFI database by following these steps
[1]:
https://learn.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process
--
Sincerely,
Vitaly Zaitsev (vit...@easycoding.org)
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
