Hi, On Montag, 3. August 2015, Ben Hutchings wrote: > Only the FTP team will be able to get shim signed by the Microsoft CA. > Only the FTP team will be able to sign GRUB and the kernel using the > private key for which the public part is embedded in shim. > > Users can add further trusted keys at boot time through the BIOS setup > program or shim; then they can use their own signed kernels.
Thanks for clarifying. About your original question, I dont have a good answer right now. I think it would be a good topic to discuss at DebConf...! Thanks for bringing this up to us already! cheers, Holger
Description: This is a digitally signed message part.
_______________________________________________ Reproducible-builds mailing list Reproduciblefirstname.lastname@example.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds