Re: [RFC] Second attempt at kernel secure boot support

From: Matthew Garrett
Date: Fri Nov 02 2012 - 20:20:47 EST

Next message: Jesse Barnes: "Re: [PATCH 1/2] PM: make VT switching to the suspend console optional"
Previous message: akpm: "mmotm 2012-11-02-17-15 uploaded"
In reply to: Alan Cox: "Re: [RFC] Second attempt at kernel secure boot support"
Next in thread: Eric W. Biederman: "Re: [RFC] Second attempt at kernel secure boot support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Nov 02, 2012 at 03:03:02PM -0700, Eric W. Biederman wrote:

> I don't want my system p0wned in the first place and I don't want to run
> windows. Why should I trust Microsoft's signing key?

There's no reason to. Systems that don't trust Microsoft's signing key
have no reason to be concerned about Microsoft revocation.
Unfortunately, that's not the only set of people we have to worry about.

--
Matthew Garrett | mjg59@xxxxxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jesse Barnes: "Re: [PATCH 1/2] PM: make VT switching to the suspend console optional"
Previous message: akpm: "mmotm 2012-11-02-17-15 uploaded"
In reply to: Alan Cox: "Re: [RFC] Second attempt at kernel secure boot support"
Next in thread: Eric W. Biederman: "Re: [RFC] Second attempt at kernel secure boot support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]