From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthew Garrett Subject: Re: [RFC] Second attempt at kernel secure boot support Date: Sat, 3 Nov 2012 00:20:34 +0000 Message-ID: <20121103002033.GA18691@srcf.ucam.org> References: <20121101210634.GA19723@srcf.ucam.org> <20121101213127.5967327f@pyramind.ukuu.org.uk> <20121101212843.GA20309@srcf.ucam.org> <20121101213751.377ebaa8@pyramind.ukuu.org.uk> <20121101213452.GA20564@srcf.ucam.org> <20121101215817.79e50ec2@pyramind.ukuu.org.uk> <20121101215752.GA21154@srcf.ucam.org> <87625ogzje.fsf@xmission.com> <20121102140057.GA4668@srcf.ucam.org> <87liejacix.fsf@xmission.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Content-Disposition: inline In-Reply-To: <87liejacix.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> Sender: linux-efi-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org To: "Eric W. Biederman" Cc: Alan Cox , James Bottomley , Eric Paris , Jiri Kosina , Oliver Neukum , Chris Friesen , Josh Boyer , linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org List-Id: linux-efi@vger.kernel.org On Fri, Nov 02, 2012 at 03:03:02PM -0700, Eric W. Biederman wrote: > I don't want my system p0wned in the first place and I don't want to run > windows. Why should I trust Microsoft's signing key? There's no reason to. Systems that don't trust Microsoft's signing key have no reason to be concerned about Microsoft revocation. Unfortunately, that's not the only set of people we have to worry about. -- Matthew Garrett | mjg59-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org