And all LF (corporate) members could of course use it as well
Bottomley: Adventures in Microsoft UEFI Signing
Posted Nov 21, 2012 14:15 UTC (Wed) by corbet (editor, #1)
Posted Nov 21, 2012 14:24 UTC (Wed) by krake (subscriber, #55996)
But I was expecting something more along the lines of will take some time, after all the benefit of having a non-Microsoft "root" key widely available should outweight a lot of costs.
Posted Nov 21, 2012 16:09 UTC (Wed) by mjg59 (subscriber, #23239)
Posted Nov 21, 2012 18:17 UTC (Wed) by krake (subscriber, #55996)
I assumed that the Linuxfoundation, being a interest group of several very large hardware and software vendors, would be able to help board vendors to see that continued business with its members is in fact in their best interest.
Of course those who only sell components for consumer PC white boxes and WinRT devices would not care, but that should leave plenty of them who do.
Posted Nov 21, 2012 16:59 UTC (Wed) by jejb (subscriber, #6654)
Firstly the current CA operators want payments in the order of millions of US Dollars to set up a CA and not charge the end user (otherwise they want to charge fairly ridiculous fees). It should also be noted that the UEFI forum tried to go this route as well (they originally planned to sponsor a neutral CA) but gave up when they found out about the kind of money required.
Secondly, the OEMs and ODMs who make the motherboard wanted anyone supplying a UEFI KEK or db entry to post a bond, also in the six to seven figure range, to indemnify them against anything going wrong with the LF Key.
Given there are quite a few OEM and ODMs, that's more cash than the current Linux Foundation core operating budget and therefore not something that could be realistically undertaken.
Posted Nov 21, 2012 17:50 UTC (Wed) by krake (subscriber, #55996)
Seems like the UEFI people didn't a lot of thinking as in considering consequence of their decisions.
Not that it is very surprising given that they are a industry group, but still.
It is quite telling that the Linux Foundation didn't do more publicity on this outrage.
It inevitably leads to the conclusion that all the big corporate members have legal contracts with Microsoft that protects their Linux related business in some way that make relying on Microsoft for access to phyical machines unproblematic.
Anyone else, including smaller corporate members like Red Hat, are left to the wolves.
Good to keep in mind next time some LF,IBM, Intel, etc press release claims that any of those companies is "heavly supporting" Linux.
Posted Nov 22, 2012 0:28 UTC (Thu) by vonbrand (guest, #4458)
Never, ever forget Hanlon's razor.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds