<p>Linux Outlaws podcast has had good coverage. </p>
<div class="gmail_quote">On Oct 11, 2011 9:09 AM, "Michael Mol" <<a href="mailto:mikemol@gmail.com">mikemol@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Tue, Oct 11, 2011 at 2:29 AM, Joseph VanDerStelt<br>
<<a href="mailto:joseph.vanderstelt@gmail.com">joseph.vanderstelt@gmail.com</a>> wrote:<br>
> <a href="http://www.dslreports.com/forum/r26341356-Windows-8-Secure-Boot-Would-Exclude-Linux" target="_blank">http://www.dslreports.com/forum/r26341356-Windows-8-Secure-Boot-Would-Exclude-Linux</a><br>
><br>
> Has anyone seen information on this?<br>
<br>
Yes.<br>
<br>
Summary:<br>
1) UEFI supports forcing the loading of signed bootloaders, with keys<br>
stores in system BIOS<br>
2) Microsoft will be requiring hardware manufacturers who want to be<br>
Win8 Certified to support restricting the system to only boot from<br>
signed bootloaders.<br>
3) The UEFI keystore and crypto controls must not support programmatic<br>
manipulation.<br>
<br>
What this does not say, and does not mean:<br>
1) Hardware manufacturers are disallowed from booting other operating systems.<br>
2) Operating system vendors must get Microsoft's or hardware OEM's<br>
specific blessing to run their software.<br>
<br>
There are a few "outs" that will allow us to run Linux on hardware<br>
which can also run Win8:<br>
1) OEMs may provide keys to allow you to sign your own bootloaders.<br>
2) OEMs may allow you to disable crypto checking. (Win8 certification<br>
requires that it be supported, not that it be employed)<br>
<br>
At this stage, the onus is now on OEMs if they wish to support more<br>
operating systems than Windows 8. Such as Win7 or Linux...and hardware<br>
OEMs know it would be suicidal to drop support for Linux on server<br>
hardware.<br>
<br>
I expect the general outcome will be that the Dells, eMachines and HPs<br>
in the desktop world will have the most likely of any to become<br>
Win8-only, but any manufacturer that sells motherboards to end-users<br>
will either provide user access to the UEFI keystore, or they will<br>
allow bootloader signature checking to be disabled.<br>
<br>
--<br>
:wq<br>
<br>
--<br>
This message has been scanned for viruses and<br>
dangerous content by MailScanner, and is<br>
believed to be clean.<br>
<br>
_______________________________________________<br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org">grlug@grlug.org</a><br>
<a href="http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug" target="_blank">http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug</a><br>
</blockquote></div>
<br />--
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.