Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S936103Ab2KAVxY (ORCPT ); Thu, 1 Nov 2012 17:53:24 -0400 Received: from lxorguk.ukuu.org.uk ([81.2.110.251]:35322 "EHLO lxorguk.ukuu.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1762334Ab2KAVxV (ORCPT ); Thu, 1 Nov 2012 17:53:21 -0400 Date: Thu, 1 Nov 2012 21:58:17 +0000 From: Alan Cox To: Matthew Garrett Cc: James Bottomley , Eric Paris , Jiri Kosina , Oliver Neukum , Chris Friesen , Josh Boyer , linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-efi@vger.kernel.org Subject: Re: [RFC] Second attempt at kernel secure boot support Message-ID: <20121101215817.79e50ec2@pyramind.ukuu.org.uk> In-Reply-To: <20121101213452.GA20564@srcf.ucam.org> References: <1351780935.2391.58.camel@dabdike.int.hansenpartnership.com> <1351783096.2391.77.camel@dabdike.int.hansenpartnership.com> <1351803800.2391.96.camel@dabdike.int.hansenpartnership.com> <20121101210634.GA19723@srcf.ucam.org> <20121101213127.5967327f@pyramind.ukuu.org.uk> <20121101212843.GA20309@srcf.ucam.org> <20121101213751.377ebaa8@pyramind.ukuu.org.uk> <20121101213452.GA20564@srcf.ucam.org> X-Mailer: Claws Mail 3.8.1 (GTK+ 2.24.8; x86_64-redhat-linux-gnu) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAFVBMVEWysKsSBQMIAwIZCwj///8wIhxoRDXH9QHCAAABeUlEQVQ4jaXTvW7DIBAAYCQTzz2hdq+rdg494ZmBeE5KYHZjm/d/hJ6NfzBJpp5kRb5PHJwvMPMk2L9As5Y9AmYRBL+HAyJKeOU5aHRhsAAvORQ+UEgAvgddj/lwAXndw2laEDqA4x6KEBhjYRCg9tBFCOuJFxg2OKegbWjbsRTk8PPhKPD7HcRxB7cqhgBRp9Dcqs+B8v4CQvFdqeot3Kov6hBUn0AJitrzY+sgUuiA8i0r7+B3AfqKcN6t8M6HtqQ+AOoELCikgQSbgabKaJW3kn5lBs47JSGDhhLKDUh1UMipwwinMYPTBuIBjEclSaGZUk9hDlTb5sUTYN2SFFQuPe4Gox1X0FZOufjgBiV1Vls7b+GvK3SU4wfmcGo9rPPQzgIabfj4TYQo15k3bTHX9RIw/kniir5YbtJF4jkFG+dsDK1IgE413zAthU/vR2HVMmFUPIHTvF6jWCpFaGw/A3qWgnbxpSm9MSmY5b3pM1gvNc/gQfwBsGwF0VCtxZgAAAAASUVORK5CYII= Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1306 Lines: 32 On Thu, 1 Nov 2012 21:34:52 +0000 Matthew Garrett wrote: > On Thu, Nov 01, 2012 at 09:37:51PM +0000, Alan Cox wrote: > > On Thu, 1 Nov 2012 21:28:43 +0000 > > Matthew Garrett wrote: > > > Lawyers won't remove blacklist entries. > > > > Fear Uncertainty and Doubt > > > > Courts do, injunctions do, the possibilty of getting caught with theirs > > hands in the till does. > > I think you've misunderstood. Blacklist updates are append only. I think you've misunderstood - thats a technical detail that merely alters the cost to the people who did something improper. If Red Hat want to ship a kernel that is very very locked down - fine. It's a business choice and maybe it'll sell to someone. The implementation is non-offensive in its mechanism for everyone else so technically I don't care, but the 'quiver before our new masters and lick their boots' stuff isn't a technical (or sane business) approach so can we cut the trying to FUD other people into doing what you believe your new master requires. Alan -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/