secure boot - refind not signed by canonical key

Bug #1951921 reported by Gijs Peskens
This bug affects 1 person
Affects Status Importance Assigned to Milestone
refind (Ubuntu)

Bug Description

refind_x64.efi is not signed by the Canonical secure boot signing key, making installation without the usage of mok & shims or other methods (i.e.: user uploading keys to the bios) in a secure boot environment impossible.

Since refind, according to the authors page, respects the secure boot chain and will not start software that is not trusted it should also be signed to be usable as a valid and equal alternative to grub2.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers