[Linux-aus] UEFI Secure Boot - Precis of List Comments and proposals

Brent Wallis brent.wallis at gmail.com
Fri Aug 10 13:46:51 EST 2012

Hi to All n Sundry,

On 07/08/12 10:00, John Ferlito wrote:
> > On Mon, Aug 06, 2012 at 09:33:05PM +1000, Brent Wallis wrote:
> >> IMHO, the first step in what will probably be a very long road is to
> find
> >> out what Hardware Manufacturers are going to do with UEFI.
> >> Specifically, we need to find out about how they plan to implement key
> >> control
> >> and
> >> How easy it will be for authorised users to implement options 2 and 3.
> >
> > I think this is actually the key issue and what we should be
> > concentrating on.

Since your post, have had to handle some ESX upgrades on our IBM  hosts.
These systems boot from flash and via IPMI have noticed that they use UEFI!

A quick surf through the menus display ugliness beyond anything I could
possibly describe.
The key chain menus on PCI devices is ...well.... poo.
In the limited time I had, nowhere could I find an item to turn off (or
even establish whether it had it or not we actually had) secure boot.

In short, UEFI is here and in prod....already implemented.
I was very surprised to see it in current gen IBM servers!
(I dont "get out much" for those that have!)

Tim said:

> As another reference, please see
> http://www.suse.com/blogs/uefi-secure-boot-overview/ - not that it says
> exactly what SUSE is doing yet, but it's a pretty good high level
> writeup of WTF this thing is, and what the main problem/s is/are.
> Great link.
More detail here:


and a followup to your link is here. Suses' plans for UEFI secure boot:

....and then we can all read the FSF take on the matter:

and a FSF competition that clearly demonstrates their stance:

A press release at this stage would not bode well.
This whole issue is a work in progress, like grabbing at soap bubbles.

But we can not leave things be.

I think LA Australia can service the community by helping with education on
the matter.
Once education (and hopefully understanding) can be established, press
releases can/should follow.

LA Council:
My thinking has changed.
A press release in any form at this point would fall on deaf ears, or
worse, make us look foolish given the fluid nature of the issue.

Could we please establish a page via the LA website with these specific

- A non emotive (as un bias as possible) pre-amble on the whole UEFI / UEFI
secure boot issue with simple descriptions(that may change over time) of
the UEFI implementation process.
- Links to blogs/releases/info on UEFI for as many distros as possible
(sample being Fedora/RH, Suse, Debian, Mint ,... ..<add your preference
- A link to the FSF releases on the matter.
- Links to any releases/blogs/info from manufacturers.
- Links to any blogs from individuals that do kernel work and have to deal
with this.

In short, a nexus for information on UEFI and how it will affect Linux in
Once established....then press releases would follow, and, would be far
more likely to be noticed.

Comment welcome.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.linux.org.au/pipermail/linux-aus/attachments/20120810/702949d0/attachment.htm 

More information about the linux-aus mailing list