Re: [GIT PULL] Load keys from signed PE binaries
From: Florian Weimer
Date: Tue Feb 26 2013 - 16:40:24 EST
* Chris Friesen:
> On 02/25/2013 10:14 AM, Matthew Garrett wrote:
>> Windows 8 will not load unsigned drivers if Secure Boot is enabled.
>
> For reference:
>
> http://msdn.microsoft.com/en-us/library/windows/desktop/hh848062%28v=vs.85%29.aspx
Thanks. Do you know perchance of any other Microsoft documentation in
this area, that is, their PKI architecture, the signing and revocation
policies, or even security objectives for the Secure Boot
implementation?
The Windows 8 logo requirements are pretty thin on this and only
specify the "Microsoft Windows Production PCA 2011" (which is used to
sign the Windows boot loader). Policy-wise, I've seen very little
published information (most of it is hearsay), and as to the
objectives, I'm really in the dark.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/