It depends on the hardware vendor. Which hardware vendor they faced the issue?

On Wednesday, March 27, 2013, wrote:

Y'know, I was just reading an article about a Spanish Linux group filing a complaint with the EU regulators about UEFI, and I was struck by a thought: why is it that the OEM does not provide the UEFI key with the hardware FOR THAT BOARD AND UEFI, rather than have it provided by M$?

Any clues (or should I just assume it's more M$ kickbacks...)?

    mark

---

CentOS mailing list CentOS@centos.org javascript:; http://lists.centos.org/mailman/listinfo/centos

On 03/27/2013 09:25 AM, m.roth@5-cent.us wrote:

why is it that the OEM does not provide the UEFI key with the hardware FOR THAT BOARD AND UEFI, rather than have it provided by M$?

Because then you'd have to install a version of Windows (or any other OS) signed FOR THAT BOARD AND UEFI.

Secure Boot has its design rooted in x509, just like SSL. There could be more than one trusted CA, and will be when users install one of their own. However, the more CAs there are, the greater the risk of malware being signed and compromising the security of the system.

MS doesn't provide the signing service, anyway. Verisign does.