From owner-freebsd-questions@FreeBSD.ORG Thu Jun 14 07:51:51 2012 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0D25210657A6 for ; Thu, 14 Jun 2012 07:51:51 +0000 (UTC) (envelope-from cpghost@cordula.ws) Received: from mail-pz0-f54.google.com (mail-pz0-f54.google.com [209.85.210.54]) by mx1.freebsd.org (Postfix) with ESMTP id D18A88FC1A for ; Thu, 14 Jun 2012 07:51:50 +0000 (UTC) Received: by dadv36 with SMTP id v36so2276060dad.13 for ; Thu, 14 Jun 2012 00:51:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=6c7gnIYlthp7vv6uW97lelrJxazGDxS517RCb/Sbws0=; b=Gf5+ie2X4E6RTgbiCp4+MBnN5VSvzUhuV1h4va4r2e9trr2lfU+/aPwtdnEKj4ddX6 RKYCUFo+0th+9P2+I2PJhBPeJlrca6pmqaBCsZHlQ4IkjX6U6+rL344L/R89ecvwd5E0 uu2xyFEUk9QS4pavnYbAt18Mh6IR24A7NYo/xxesF1TRQKIQnU8vpGJUXP6mYP2x4krK Kiv3dX9JSVwuRH5VMkTuqVe674z7U0MY2f/dABW1vHqPoKkvj/aCLQITis5eHxYQoAA4 1m4JCNSi+r5lJOkR6vID486sDVTZRrYCi4Kf+Ymod5819kqkwIrg7sGoHr/uoAbxCv3w 1rnQ== MIME-Version: 1.0 Received: by 10.68.217.234 with SMTP id pb10mr5610267pbc.79.1339660307666; Thu, 14 Jun 2012 00:51:47 -0700 (PDT) Received: by 10.68.225.3 with HTTP; Thu, 14 Jun 2012 00:51:46 -0700 (PDT) X-Originating-IP: [93.221.175.200] In-Reply-To: References: Date: Thu, 14 Jun 2012 09:51:46 +0200 Message-ID: From: "C. P. Ghost" To: Kurt Buff Content-Type: text/plain; charset=ISO-8859-1 X-Gm-Message-State: ALoCoQlmFP+GH5rvghE7652PIl+WfBRBLaTvXeICjCo/iSz/Duvt08uUZUai2C+MvF//XB3xdeQf Cc: FreeBSD Questions Subject: Re: Is this something we (as consumers of FreeBSD) need to be aware of? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Jun 2012 07:51:51 -0000 On Tue, Jun 5, 2012 at 8:19 PM, Kurt Buff wrote: > UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries > http://cwonline.computerworld.com/t/8035515/1292406/565573/0/ > > This would seem to make compiling from source difficult. > > Kurt I'm not sure I understand the issue, but this is my take on it so far: 1. What's preventing the makers of boot loaders like GRUB (which can also boot FreeBSD) from getting a certificate ONCE? And if they have one, what's preventing them from loading ANY kernel at all? It is only the first stage boot loader that needs to be signed, or not? 2. What's preventing anyone of us in the EU from stepping up efforts with the EU Commission and the EU Parliament to stop Microsoft from monopolizing the ARM (and later x86) platforms, i.e. by becoming the only gatekeepers? After all, EU sovereign states and their economies can't depend on a US corporation having a global kill switch to their whole infrastructure. We're not just talking about Windows dominance here, but a lot more: dominance on the whole hardware segment. I'm pretty sure this scheme is highly anti-competitive, and I guess it runs afoul of a lot of already existing EU regulations. -cpghost. -- Cordula's Web. http://www.cordula.ws/