On 2012-06-02 15:12, Florian Philipp wrote: > According to [1] it is SHA-256 and RSA-2048. If I understand it > correctly, there are means to blacklist compromised keys. That's > why
Just curious, how is a "compromised" key supposed to be blacklisted? Does the bios contact Microsoft, or is it through some other mean (via OS which means it needs to have some sort of service to check for this blacklist)? Smells like trouble to me... :-/ Best regards Peter K