[CentOS] Boot failed on latest CentOS 7 update

Sun Aug 2 22:54:08 UTC 2020
Gordon Messmer <gordon.messmer at gmail.com>

On 8/2/20 1:19 PM, John Pierce wrote:
> One of the things that bugs me about PKI trust chains like this, what
> happens if the unthinkable happens, and Microsoft's RootCA gets compromised
> and has to be revoked... does that mean every single piece of UEFI
> hardware  out there needs a BIOS upgrade?


Yes.  They'll be vulnerable to malware signed by the old CA until 
they're updated.

That's better than systems without a PKI trust chain, which are 
vulnerable all of the time.