Comment 0 for bug 1764794

We should switch the default kernle install to the signed kernel. This makes it much harder to uninstall the signed kernel in environments which enforce the kernel to be signed. Boot loaders which can understand and validate it want the signed image, those which do not should ignore the appended signature.