On Thu, May 31, 2012 at 01:55:35PM -0500, Chris Adams wrote: > Once upon a time, Peter Jones <pjo...@redhat.com> said: > > That's why we didn't simply ask vendors to ship our key. That would be > > /less/ equitable to other distributions than the solution we're looking at > > right now. > > Has any thought been given to setting up group between various Open > Source distributions (Linux, BSD) to be a Secure Boot signer (with > security-oriented rules about what gets signed, probably similar to > whatever Microsoft is using today) and then getting vendors to include > the master key along site Microsoft's?
The last attempt to do something similar I can think of would be cacert. Afaik, they are still being audited to be added to Firefox, and i think they would be happy to explain all the issues they faced on that road. -- Michael Scherer -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
