Hi Nayna, these are not the production keys, but just test/dev keys. We even do not have the production key for the grunb2 bootloader part for ppc yet. (grub2 and kernel are signed with different keys)
The usual approach is to do a verification based on test/dev keys to ensure that everything is fine, the overall e2e secureboot process is not broken, nothing unwanted is exposed and the production key is not harmed (or put at risk). If we would use the production key right away, and later notice that it got compromised, it would need to be invalidated and replaced (on all system) - that is what needs to be avoided. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064319 Title: Power guest secure boot with key management: GRUB2 portion To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2064319/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
