Linux Foundation Struggles With Microsoft UEFI Signing

Written by Michael Larabel in Microsoft on 20 November 2012 at 10:10 AM EST. 48 Comments
MICROSOFT
James Bottomley has written about the problems being faced by the Linux Foundation in having a Microsoft-approved validly-signed UEFI pre-bootloader.

There's many hurdles to jump from Microsoft and Verisign/Symantec for obtaining a valid signing key. There's third-party open-source tools for handling much of the signing process, but in the end Windows is still needed due to a Silverlight-based file uploader for the UEFI binary. The Mono-based Moonlight doesn't work with the Silverlight uploader. After uploading the cabinet file for signing, there's a seven-stage process.

Unfortunately, it's with this seven-stage process on Microsoft's end is where the Linux Foundation binary is stuck. "I’m still not sure what the actual problem is, but if you look at the Subject of the signing key, there’s nothing in the signing key to indicate the Linux Foundation, therefore I suspect the problem is that the binary is signed with a generic Microsoft key instead of a specific (and revocable) key tied to the Linux Foundation."

Bottomley ends with, "We’re still waiting for Microsoft to give the Linux Foundation a validly signed pre-bootloader. When that happens, it will get uploaded to the Linux Foundation website for all to use." The full status can be read on his blog.

For those not familiar with the Linux Foundation's UEFI/SecureBoot plans, they're outlined here.
48 Comments
Related News
Microsoft's CBL-Mariner Linux Distribution Now Ships The AMD Graphics Driver
Microsoft Preparing For Their First Vulkan Extension
Linux Features Loved By Microsoft Engineers Working On WSL2
Microsoft's Linux Distribution Finally Adds Support For XFS Root File-Systems
Linux 6.4 Can Run As A Confidential AMD SEV-SNP vTOM Guest On Microsoft Hyper-V
Microsoft Continues Building Out Its Linux Distribution With More Packages
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Red Hat To Stop Shipping LibreOffice In Future RHEL, Limiting Fedora LO Involvement
System76's Coreboot Open Firmware Manages To Disable Intel ME For Raptor Lake
Debian 12 "Bookworm" Set For Release Next Week With Around 100 Known Bugs
NVIDIA R535 Linux Beta Brings New Vulkan Extensions, DMA-BUF v4 Wayland Protocol
Phoronix.com Turns 19 Years Old For Covering Linux Hardware, Open-Source News
Linux 6.3.5 Released With XFS Metadata Corruption Fix
Steam On Linux Use Ticked Higher In May, 25% Of Linux Gamers Are Using The Steam Deck
AMD Ready For Ryzen Linux Systems To Use AMD P-State Active Mode By Default