[CentOS-devel] testing SecureBoot

Karanbir Singh

mail-lists at karan.org
Mon Jun 23 15:18:22 UTC 2014


On 06/21/2014 01:44 AM, Karanbir Singh wrote:
> As a part of what we are doing in the project - and something we want to
> extend to all content built + signed + delivered via the project
> resources - I've been working on secureboot facilities and getting the
> infra around it online.

My High Availability strategy around the secureboot infra just too a
hit, while it should have worked, the failover signing mechanism does
not produce a close enough match for the shim to do its thing.

Pondering alternatives, am not happy with a SPOF for something of this
nature.

-- 
Karanbir Singh
+44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
GnuPG Key : http://www.karan.org/publickey.asc



More information about the CentOS-devel mailing list