[RFC PATCH v3 00/13] Clavis LSM
Eric Snowberg
eric.snowberg at oracle.com
Fri Mar 21 16:40:35 UTC 2025
> On Mar 20, 2025, at 4:40 PM, James Bottomley <James.Bottomley at HansenPartnership.com> wrote:
>
> On Thu, 2025-03-20 at 16:24 +0000, Eric Snowberg wrote:
>> Having lockdown enforcement has always been
>> a requirement to get a shim signed by Microsoft.
>
> This is factually incorrect. Microsoft transferred shim signing to an
> independent process run by a group of open source maintainers a while
> ago:
Yes, the shim-review process is understood. I'm not sure how my sentence
is factually incorrect though. Unless you are saying Microsoft no longer
maintains the private key. Hopefully that is not the case, since the public
key ships on just about every single PC built.
More information about the Linux-security-module-archive
mailing list