Torvalds blasts Howells, Garrett over secure boot

Howell made a request for a patchset to be pulled into the mainline kernel last Thursday, writing, "It (the patchset) provides a facility by which keys can be added dynamically to a kernel that is running in secure-boot mode.

"To permit a key to be loaded under such a condition, we require that the new key be signed by a key that we already have (and trust) - where keys that we "already have" could include those embedded in the kernel, those in the UEFI database and those in cryptographic hardware."

Complete Story

Related Stories:

• Canonical proposes alternate UEFI Secure Boot solution(Jun 22, 2012)
• Implementing UEFI Secure Boot in Fedora - BY PAYING MICROSOFT?!(May 31, 2012)
• Making UEFI Secure Boot Work With Open Platforms(Oct 28, 2011)
• UEFI "Secure Boot" and Microsoft Windows 8: The danger for free software(Oct 17, 2011)
• Red Hat engineer renews attack on Windows 8-certified secure boot(Sep 27, 2011)
• Microsoft confirms UEFI fears, locks down ARM devices(Jan 15, 2012)