Two whole years.

AArch64 is declining. All focus these days is on RISC-V.

I don't mind that.

I also wouldn't mind but rather it might be that:
1. Debian is not used for AArch64, it's probably mostly Ubuntu and RHEL
2. Secure boot is not used much for AArch64. For embedded it's not really used and for servers I guess it's also not really needed and used.

So much so for one of the most stable distros on earth...

I'm pretty sure other distros don't have this issue.

Nah, RasperryPI alone would suggest a big AA64 userbase.

That sounds much more like a possibility. Secure boot is only helpful in one specific situation, if an attacker has physical access. If you can prevent physical access in another way, there is no benefit from SecBoot.

maybe, just "maybe", nobody wants the overcomplicated mess that is EFI (and ACPI) on modern, non-x86 ISAs like ARM and RISCV ? https://www.youtube.com/watch?v=tkOZ2DrDu6U

Yep, atleast for now. Given that I still have to tinker with any SOC, I prefer to use a device tree and some simple bootloader.

In 2023 SecureBoot is barely a thing.

Get back to ye olde Windows RT you retro piece of sillyness

1. Plenty of people use it, but most ARM64 systems probably aren't using UEFI/Secure Boot. They're using whatever the OEM uses to bring the board up.
2. SB is used on corporate servers, but most corporate servers are Intel/AMD based, not ARM. ARM OEMs use a variety of ways of securing the boot chain - but in those cases it's more to restrict 3rd party ROMs and vendor lock-in rather than securing the boot chain.
3. Corporate users are also more likely to be using something other than Debian - (first party) contract support is a Big Thing and Debian doesn't really have that where-as IBM/RedHat, SUSE, and Canonical do.
4. Debian's broken SB might have made its way to Ubuntu's repository at one point because it's suspiciously like a similar breakage when I tried to re-install 22.04 a while back on my PC. There's was a certificate change associated with a shim upgrade that can for some strange reason I never really got to the bottom of result in 22.04.1 install image not booting in a secure boot environment in some circumstances on PCs with a bad cert error.
5. It's definitely a problem with Debian derivatives. Windows, RHEL, and Fedora had no problems booting in the same environment.