[prev in list] [next in list] [prev in thread] [next in thread]
List: centos
Subject: Re: [CentOS] Boot failed on latest CentOS 7 update
From: Phil Perry <pperry () elrepo ! org>
Date: 2020-08-02 18:45:01
Message-ID: 9e7407d6-ae9e-036a-d28b-a25b6759f1d0 () elrepo ! org
[Download RAW message or body]
On 02/08/2020 16:26, Valeri Galtsev wrote:
>
> On the side note: it is Microsoft that signs one of Linux packages now. We seem to \
> have made one more step away from "our" computers being _our computers_. Am I \
> wrong?
> Valeri
>
Microsoft are the Certificate Authority for SecureBoot and most
SB-enabled hardware (most x86 hardware) comes with a copy of the
Microsoft key preinstalled allowing binaries that are signed by
Microsoft to work. In the case of linux, that is the shim which becomes
the root of trust to load everything else. If you are not happy with
that you can always become your own certificate authority by generating
your own keys, install your signing keys in the hardware's firmware (MOK
list) and sign stuff yourself to use on your own machine(s).
However if you wish to distribute stuff to others and have it work
seamlessly on hardware outside of your direct control and without the
need for every user to import your CA SecureBoot signing key into the
MOK list on every device, you would rely on Microsoft to sign SB related
content.
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic