[Linux-aus] UEFI Secure Boot - Precis of List Comments and proposals
brent.wallis at gmail.com
Fri Aug 10 13:46:51 EST 2012
Hi to All n Sundry,
On 07/08/12 10:00, John Ferlito wrote:
> > On Mon, Aug 06, 2012 at 09:33:05PM +1000, Brent Wallis wrote:
> >> IMHO, the first step in what will probably be a very long road is to
> >> out what Hardware Manufacturers are going to do with UEFI.
> >> Specifically, we need to find out about how they plan to implement key
> >> control
> >> and
> >> How easy it will be for authorised users to implement options 2 and 3.
> > I think this is actually the key issue and what we should be
> > concentrating on.
Since your post, have had to handle some ESX upgrades on our IBM hosts.
These systems boot from flash and via IPMI have noticed that they use UEFI!
A quick surf through the menus display ugliness beyond anything I could
The key chain menus on PCI devices is ...well.... poo.
In the limited time I had, nowhere could I find an item to turn off (or
even establish whether it had it or not we actually had) secure boot.
In short, UEFI is here and in prod....already implemented.
I was very surprised to see it in current gen IBM servers!
(I dont "get out much" for those that have!)
> As another reference, please see
> http://www.suse.com/blogs/uefi-secure-boot-overview/ - not that it says
> exactly what SUSE is doing yet, but it's a pretty good high level
> writeup of WTF this thing is, and what the main problem/s is/are.
> Great link.
More detail here:
and a followup to your link is here. Suses' plans for UEFI secure boot:
....and then we can all read the FSF take on the matter:
and a FSF competition that clearly demonstrates their stance:
A press release at this stage would not bode well.
This whole issue is a work in progress, like grabbing at soap bubbles.
But we can not leave things be.
I think LA Australia can service the community by helping with education on
Once education (and hopefully understanding) can be established, press
releases can/should follow.
My thinking has changed.
A press release in any form at this point would fall on deaf ears, or
worse, make us look foolish given the fluid nature of the issue.
Could we please establish a page via the LA website with these specific
- A non emotive (as un bias as possible) pre-amble on the whole UEFI / UEFI
secure boot issue with simple descriptions(that may change over time) of
the UEFI implementation process.
- Links to blogs/releases/info on UEFI for as many distros as possible
(sample being Fedora/RH, Suse, Debian, Mint ,... ..<add your preference
- A link to the FSF releases on the matter.
- Links to any releases/blogs/info from manufacturers.
- Links to any blogs from individuals that do kernel work and have to deal
In short, a nexus for information on UEFI and how it will affect Linux in
Once established....then press releases would follow, and, would be far
more likely to be noticed.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the linux-aus