Re: Signature verification in GRUB

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Signature verification in GRUB

From:	Chris Murphy
Subject:	Re: Signature verification in GRUB
Date:	Tue, 9 Oct 2012 18:32:49 -0600

Google
"secure boot" site:mjg59.dreamwidth.org

Basically Fedora 18 will be the first Fedora to support UEFI Secure Boot. They 
are moving to a shim bootloader before GRUB2 because GRUB2 is GPLv3 licensed, 
which requires making signing keys available (Installation Method requirement) 
so users can still make their own modifications and boot the system with those 
modifications.

The way I understand it is Fedora will use their own shim signed with the 
Microsoft key, then have the shim load GRUB2. So everything has to be signed or 
the adventure is pointless.

Another strategy is what SUSE is doing, which is a bit different, and worth 
looking into as well. This most recent post may be most applicable but sorta 
depends on understanding the background:
http://mjg59.dreamwidth.org/17542.html


Chris Murphy

[Prev in Thread]

Current Thread

[Next in Thread]

Signature verification in GRUB, Geoffrey Thomas, 2012/10/09
- Re: Signature verification in GRUB, Chris Murphy <=
  - Re: Signature verification in GRUB, Geoffrey Thomas, 2012/10/09
  - Re: Signature verification in GRUB, Matthew Garrett, 2012/10/10
    - Re: Signature verification in GRUB, Chris Murphy, 2012/10/10
- Re: Signature verification in GRUB, Vladimir 'φ-coder/phcoder' Serbinenko, 2012/10/13
  - Re: Signature verification in GRUB, Geoffrey Thomas, 2012/10/15
    - Re: Signature verification in GRUB, Vladimir 'φ-coder/phcoder' Serbinenko, 2012/10/18
    - Re: Signature verification in GRUB, Geoffrey Thomas, 2012/10/18

Prev by Date: Signature verification in GRUB
Next by Date: Re: Signature verification in GRUB
Previous by thread: Signature verification in GRUB
Next by thread: Re: Signature verification in GRUB
Index(es):
- Date
- Thread