> Sure temporary disabling secure boot for making Linux installs easier is nice, but not required for functionality.
For as long as Microsoft deigns to allow the signed shim to boot.
Microsoft is the only key authority allowed by the main PC manufacturers. If you wish to become a key authority yourself, to allow your OS to boot on Secure Boot enabled devices without asking the end user to install additional keys (note: some devices may not allow this), then you must go to the OEMs individually and petition to be added to their key authority list. Prices from the OEMs that allow this are in the millions of dollars.
What is holding them back is regulatory oversight, and the fear of it.
So if they ever do so, it's not a fault of "secure boot" and similar, but 100% the fault of politicians seriously messing up their job.
EDIT: You can also blame Apple, for constantly pushing in a direction where such regulatory oversight is removed. (END EDIT)
IMHO Secure Boot and TPM are features I want in my system if properly implemented. A laptop not supporting some form of secure boot and TPM would be for me a reason for not buying it. (Through being able to use custom platform keys is also a must have for me.)
For as long as Microsoft deigns to allow the signed shim to boot.
Microsoft is the only key authority allowed by the main PC manufacturers. If you wish to become a key authority yourself, to allow your OS to boot on Secure Boot enabled devices without asking the end user to install additional keys (note: some devices may not allow this), then you must go to the OEMs individually and petition to be added to their key authority list. Prices from the OEMs that allow this are in the millions of dollars.