Windows 8's use of the UEFI Secure Boot

NoOp glgxg at
Tue Sep 27 16:48:07 UTC 2011

On 09/27/2011 01:41 AM, Colin Watson wrote:
> On Tue, Sep 27, 2011 at 10:58:33AM +0800, Goh Lip wrote:
>> Perhaps this would explain better...
>> but granted, it may be interpreted that Microsoft uses
>> CA-certification to block other boot-loaders booting it.
> Nothing in that article supports the position that GRUB 2 is
> CA-certified.  I can tell you with considerable confidence that it is
> not at this time, and that it is not at all clear what we would need to
> do in order to do so - would GRUB have to be modified to only boot
> signed kernels if we were to avoid our key being immediately revoked?
> That wouldn't be pretty.
> (Anyway, Matthew Garrett has responded to Microsoft's response ...)

For those interested, Matthew's Journal is here:
[UEFI secure booting]
[UEFI secure booting (part 2)]
[Supporting UEFI secure boot on Linux: the details]


More information about the ubuntu-users mailing list