User: Password:
|
|
Subscribe / Log in / New account

Details on Ubuntu's UEFI secure boot plan

Details on Ubuntu's UEFI secure boot plan

Posted Jun 28, 2012 14:50 UTC (Thu) by gerv (subscriber, #3376)
In reply to: Details on Ubuntu's UEFI secure boot plan by mjg59
Parent article: Details on Ubuntu's UEFI secure boot plan

Surely the semantics of multiple signatures is "attempt to validate them all, in order, and proceed if any of them validate"? What are the other options? "Proceed if all of them validate"?

Can we fix the existing implementation? (Who wrote it?) And encourage BIOS authors (is that right? I'm sure there's more than one of them) who are still implementing to get this right?

Gerv


(Log in to post comments)

Details on Ubuntu's UEFI secure boot plan

Posted Jun 28, 2012 14:56 UTC (Thu) by mjg59 (subscriber, #23239) [Link]

And blacklisting? There are Obviously Correct interpretations, but since they're not written down it's well within the realms of possibility that people would screw this up. There's ongoing work to rectify this, but it's not going to happen in time for the first wave of machines.

Details on Ubuntu's UEFI secure boot plan

Posted Jun 28, 2012 15:11 UTC (Thu) by gerv (subscriber, #3376) [Link]

Good point about blacklisting. I'm really glad to hear there's ongoing work to fix this; it gives me hope that in 5 years time, the situation may not be as bad as it looks now.

Gerv


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds