Canonical proposes alternate UEFI Secure Boot solution
With Fedora supporting UEFI Secure Boot by having Microsoft sign its boot loader, Canonical founder and Ubuntu leader Mark Shuttleworth has now weighed in and explained his company's approach to the situation.
Instead of using Microsoft's key, Canonical is planning to get hardware makers to include their own Ubuntu-specific key on hardware. According to Shuttleworth, the reasoning behind this is "so that the entire free software ecosystem is not dependent on Microsoft's goodwill for access to modern PC hardware." Shuttleworth didn't address concerns voiced by Red Hat developer Matthew Garrett that Canonical's approach would mean that Ubuntu would be the only Linux distribution bootable with its key.
If Canonical doesn't intend to offer signing services like Microsoft does, hardware with the Canonical key would in effect be more locked down. So far, Shuttleworth has not commented on the question of whether the company is planning such a service. Microsoft's program theoretically enables other Linux vendors to have their own distribution signed through Verisign with the Microsoft key, but they would have to fulfil requirements to prove they were a real trustworthy organisation.
- Securely booting Linux a "difficult" proposition, a report from The H.
- Linux Foundation releases blueprint for UEFI Secure Boot, a report from The H.
- FSF warns of Windows 8 Secure Boot, a report from The H.