From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1SfeCK-0003D0-9U for garchives@archives.gentoo.org; Fri, 15 Jun 2012 21:36:52 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5C4F9E09E2; Fri, 15 Jun 2012 21:36:15 +0000 (UTC) Received: from mx1.mthode.org (rrcs-24-173-105-85.sw.biz.rr.com [24.173.105.85]) by pigeon.gentoo.org (Postfix) with ESMTP id 67A10E09C9 for ; Fri, 15 Jun 2012 21:35:26 +0000 (UTC) Received: from khorne.mthode.org (unknown [IPv6:2001:470:e1cc:3:c429:1eff:fe2d:6e41]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.mthode.org (Postfix) with ESMTPSA id E40D5EFB1 for ; Fri, 15 Jun 2012 17:35:25 -0400 (EDT) Message-ID: <4FDBAAA0.50902@gentoo.org> Date: Fri, 15 Jun 2012 16:35:28 -0500 From: Matthew Thode User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:13.0) Gecko/20120607 Thunderbird/13.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] UEFI secure boot and Gentoo References: <20120615042810.GA9480@kroah.com> <20120615044539.GA2130@kroah.com> In-Reply-To: <20120615044539.GA2130@kroah.com> X-Enigmail-Version: 1.5pre Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig277E3C5525410B385C695A72" X-Archives-Salt: 50d9248b-3d91-456c-9ba8-aa8a0e77d869 X-Archives-Hash: a79926908120abbf24925c91d81c952f This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig277E3C5525410B385C695A72 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 06/14/2012 11:45 PM, Greg KH wrote: > On Thu, Jun 14, 2012 at 09:28:10PM -0700, Greg KH wrote: >> So, anyone been thinking about this? I have, and it's not pretty. >> >> Should I worry about this and how it affects Gentoo, or not worry abou= t >> Gentoo right now and just focus on the other issues? >> >> Minor details like, "do we have a 'company' that can pay Microsoft to >> sign our bootloader?" is one aspect from the non-technical side that I= 've >> been wondering about. >=20 > Oh, and for those that don't know, I did a lot of UEFI secure boot work= > in the past at SUSE, and should be soon a member of the UEFI > "organization" through my work at the Linux Foundation, so I do have a > basic grasp of the issues involved, and have a chance to get changes > made, if needed, and possible, to the spec itself. >=20 > greg k-h >=20 One of these days I'd like to pick your brain about some hardened UEFI interactions I've seen (with pipacs watching). --=20 -- Matthew Thode (prometheanfire) --------------enig277E3C5525410B385C695A72 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJP26qoAAoJECRx6z5ArFrDH+sP/2GpuFoYt1opD9PNsOvERbcK Fo7N1l3WzrcTdkGtgnWHdcAJ6x1/44mSY29d78/4DOQFi+lhGzS6fRxUYcxHStQ+ vg9e9DC8XzdE4JQ6TZEopzAhvzUxsbHuL/vFqNn0k4lz7nBWqRft3mODuwrQ/MCJ xwKkS+D4eq0z7rZmZXwFilwag0zUJTGQQnI9AT8yE0zPvQbEknHFWDIVefnt39On EFDttp6FUGcnQzgaZH6GxcpGCFZYBXvzCG4z63V1mSU/3FNhz0bDdH3tfivQe2xL Rdiauy34jUhaprm6eQ4OQwKB2VEOVIWqrLNpw8OydemnzgxyZ9Xju/3XOyAgbjmd OP/tYTePIhGiHMA9fQh1GntYGTsvgBBYi4E70FT7YaowV2NvGj+hrziwpmVP8FTU gCL1Ykr6LxOFS3CfM5snQ1p7a991fZcN++kfMnWEeIv7WdQTxxglNFobNn9Re3MY Il3zekNVsvp5xEnqurtPyfpA5g4yOQLQEVMYqFWJRRo78QZ6C8+sVrlXH2y8oduU D7dtEwkNua2VTkvL5ZHs37hfcNFHXWUf7dfIMianYXXyDOySm/tjwRqfedHV0YRa xeiQDJH87eoKKq8k4aaq87Ik7t7FCZoOQbkcDKQX6INRT/BBLuroe3fEJrBkfft7 jKPQjLpaYJ9H8fS9uUli =5IOF -----END PGP SIGNATURE----- --------------enig277E3C5525410B385C695A72--