> I think you're assuming that:
> - providing some key is the only way to allow modified software to run.
> - that key can only be Canonical's.
That's what this sub-thread is about. Read bronson's post (http://lwn.net/Articles/503072/) where it started. There it's argued that even under the assumptions cited by you above, this is OK. Then rich0 came in and told bronson that this won't matter for Canonical. And my contribution was to point out the fallacy in his thinking.
> Instead, the hardware vendor can:
> - provide other means (disable secureboot).
> - provide vendor's specific keys.
> - provide means to install (additional) customer keys.
These are other scenarios. It's about an hypothetical scenario where the end user can demand the keys. My contribution to the discussion is that then, in this case, a hardware vendor will not shield Canonical from that demand.
Please also note that the FSF seems to agree that the situation, that keys must be supplied, is plausibel, as Nate notes in the Security feature article. I wouldn't discard their opinion on the GPLv3's meaning as fast as many here are ready to do. And if I would be responsible for due diligence in a company and would receive such warning from the FSF, I would make sure that my company pays attention to it.
Btw, FTR: We use neither Ubuntu nor Fedora and will probably turn off secure boot on our systems, when it arrives. So I consider myself impartial concerning the different factions in this discussion.