From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-dev+bounces-52607-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1SgBfr-0003jc-07
	for garchives@archives.gentoo.org; Sun, 17 Jun 2012 09:21:35 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 4883DE0B76;
	Sun, 17 Jun 2012 09:21:21 +0000 (UTC)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27])
	by pigeon.gentoo.org (Postfix) with ESMTP id DCF49E09D8
	for <gentoo-dev@lists.gentoo.org>; Sun, 17 Jun 2012 09:20:46 +0000 (UTC)
Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43])
	by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 956E121077
	for <gentoo-dev@lists.gentoo.org>; Sun, 17 Jun 2012 05:20:46 -0400 (EDT)
Received: from frontend2.nyi.mail.srv.osa ([10.202.2.161])
  by compute3.internal (MEProxy); Sun, 17 Jun 2012 05:20:46 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=binarywings.net;
	 h=message-id:date:from:mime-version:to:subject:references
	:in-reply-to:content-type; s=mesmtp; bh=uh/FzqSB17HKAnoUXoT2Z3Wa
	3lU=; b=Rt3tmRkkhUwB9UoI9fbVD8DcliXQEeZgjgiicLmPDQCs318mOeEqZXrk
	zQD1+3Khn1MQ8Wd1DUPd4hcrZvJJmrO+4AJ4nP9+9PuOEEa9mvIHMCyv+QKf1SUb
	fTNRHCgWLf6kbJ/KYF3ACwE2wAOGAFtlsKqpPW7iKEsCMYl8b2Q=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
	messagingengine.com; h=message-id:date:from:mime-version:to
	:subject:references:in-reply-to:content-type; s=smtpout; bh=uh/F
	zqSB17HKAnoUXoT2Z3Wa3lU=; b=RmCx1l4g5OGxuP0JYrpgiQTupybD7Whfei5r
	T42pq7d4ci4PXywak+10vSS4dU39XEeJI3ZSQRKB8NKU/2aB3ZlSyGokAkaeoLlZ
	GiCixPcG4MexFiNCFco06jTv7jSbrQwBlwk516I91d+SOB/uOfnVb7tYBWaaP9OH
	NA2WB6Q=
X-Sasl-enc: PCKm7uShleeCcdCtzSQnQFlijFqH55ch0BE/HaABW+Dj 1339924846
Received: from [192.168.5.18] (unknown [83.169.5.6])
	by mail.messagingengine.com (Postfix) with ESMTPA id 13D004825F1
	for <gentoo-dev@lists.gentoo.org>; Sun, 17 Jun 2012 05:20:45 -0400 (EDT)
Message-ID: <4FDDA166.8010404@binarywings.net>
Date: Sun, 17 Jun 2012 11:20:38 +0200
From: Florian Philipp <lists@binarywings.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.4) Gecko/20120602 Thunderbird/10.0.4
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Re: UEFI secure boot and Gentoo
References: <20120615042810.GA9480@kroah.com> <pan.2012.06.15.04.50.46@cox.net> <4FDAEA24.3010303@binarywings.net> <20120616195104.192e5abd@pomiocik.lan>
In-Reply-To: <20120616195104.192e5abd@pomiocik.lan>
X-Enigmail-Version: 1.3.5
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="------------enig61C7E66E9B31154FCA81219B"
X-Archives-Salt: 0d9e98ed-6c82-41cb-a883-b7ca8f5e5c73
X-Archives-Hash: 02da81923dca7b542cfe5c3680e4e19a

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig61C7E66E9B31154FCA81219B
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Am 16.06.2012 19:51, schrieb Micha=C5=82 G=C3=B3rny:
> On Fri, 15 Jun 2012 09:54:12 +0200
> Florian Philipp <lists@binarywings.net> wrote:
>=20
>> Am 15.06.2012 06:50, schrieb Duncan:
>>> Greg KH posted on Thu, 14 Jun 2012 21:28:10 -0700 as excerpted:
>>>
>>>> So, anyone been thinking about this?  I have, and it's not pretty.
>>>>
>>>> Should I worry about this and how it affects Gentoo, or not worry
>>>> about Gentoo right now and just focus on the other issues?
>>>>
>>>> Minor details like, "do we have a 'company' that can pay Microsoft
>>>> to sign our bootloader?" is one aspect from the non-technical side
>>>> that I've been wondering about.
>>>
>>> I've been following developments and wondering a bit about this
>>> myself.
>>>
>>> I had concluded that at least for x86/amd64, where MS is mandating
>>> a user controlled disable-signed-checking option, gentoo shouldn't
>>> have a problem.  Other than updating the handbook to accommodate
>>> UEFI, presumably along with the grub2 stabilization, I believe
>>> we're fine as if a user can't figure out how to disable that option
>>> on their (x86/amd64) platform, they're hardly likely to be a good
>>> match for gentoo in any case.
>>>
>>
>> As a user, I'd still like to have the chance of using Secure Boot with=

>> Gentoo since it _really_ increases security. Even if it means I can no=

>> longer build my own kernel.
>=20
> It doesn't. It's just a very long wooden fence; you just didn't find
> the hole yet.
>=20

Oh come on! That's FUD and you know it. If not, did you even look at the
specs and working principle?

Regards,
Florian Philipp


--------------enig61C7E66E9B31154FCA81219B
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk/doWwACgkQqs4uOUlOuU9NggCfb7X/z4lU/wWZ7tIiKQYSYGjp
uKgAnis23lohn8WZfekCwYPx1SIeO3K7
=ATKR
-----END PGP SIGNATURE-----

--------------enig61C7E66E9B31154FCA81219B--