On Fri, Jul 20, 2012 at 4:34 PM, Steve McIntyre wrote: > Here's a summary of what we discussed in the EFI BoF [1] last week > (9th July). Thanks to the awesome efforts of the DebConf video team, > the video of the session is already online [2] in case you missed > it. I've also attached the Gobby notes that were taken during the > session. Again, thanks to the people who took part - we had a useful > discussion.
One thing I don't think anyone has discussed yet is how key transitions will work, if a distro-specific key is compromised, is the OS able to update the SB keys? > Any one binary can only be signed by one key. Would it be possible/useful to circumvent this limitation by making copies of the binary and then signing them? -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAKTje6EGV4vOSw2KeQgJVQqrZsf=r6wy0gzswuodqjqewsh...@mail.gmail.com
