On Thu, Jun 7, 2012 at 6:14 PM, Przemek Klosowski <przemek.klosow...@nist.gov> wrote: > What is Fedora ARM planning to do about the upcoming Microsoft hardware > certification spec requiring Secure Boot? By the spec, there must be a way > to disable it on x86, but on ARM they expressly prohibit turning it off. I > guess the current Fedora/RedHat stance, as explained by Matthew Garrett, is > to obtain a MS certificate covering x86 and presumably ARM kernels from > Fedora, but this doesn't help respins and mods and even custom > kernels---more likely on ARM because of the its relative newness and faster > pace of development. > > People pointed out that MS hardware requirements for ARM don't have anwhere > near the market coverage/importance as in the x86 sector, so they argue that > it's OK to ignore the issue. Indeed, currently majority of ARM hardware just > doesn't care about MS, but Secure Boot is a reflection of the industry trend > seeking more security (*) so it's conceivable that more digital signing is > in ARM's future, too. > > So, what is the current thinking?
The current thinking is wait and see. MS is not a leader in the market and the route that most vendors are going in the non MS ARM market is to allow users to disable the security. From the phone perspective where it might be a carrier requirement it's not a market we're even looking at and it's very hard to tell because it's very early in the MS section of the game anyway. Also at the moment there's lots of very usable HW which isn't a problem. Peter -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
