

Linux Foundation UEFI Secure Boot System for Open Source - asdfs
http://www.linuxfoundation.org/news-media/blogs/browse/2012/10/linux-foundation-uefi-secure-boot-system-open-source

======
asdfs
Source code viewable in a web browser here:
[http://git.kernel.org/?p=linux/kernel/git/jejb/efitools.git;...](http://git.kernel.org/?p=linux/kernel/git/jejb/efitools.git;a=tree)

Some discussion on lwn.net here: <http://lwn.net/Articles/519244/>

It seems very similar to the SuSE solution, except that it uses the UEFI key
store rather than its own separate key store. The main downside is that if you
want a key for loader.efi added (so you don't have to say "yes, I really want
to run this" each time you boot), you have to put UEFI into setup mode and the
interface for doing so depends on the motherboard. So SuSE's is nicer from a
UI standpoint but it puts keys in two locations, while this one is uglier from
a UI standpoint but it keeps all keys within a single UEFI store.

