Hi, On Montag, 3. August 2015, Ben Hutchings wrote: > Only the FTP team will be able to get shim signed by the Microsoft CA. > Only the FTP team will be able to sign GRUB and the kernel using the > private key for which the public part is embedded in shim. > > Users can add further trusted keys at boot time through the BIOS setup > program or shim; then they can use their own signed kernels.
Thanks for clarifying.
About your original question, I dont have a good answer right now. I think it
would be a good topic to discuss at DebConf...! Thanks for bringing this up to
us already!
cheers,
Holger
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
