secure boot - refind not signed by canonical key
Bug #1951921 reported by
Gijs Peskens
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
refind (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
refind_x64.efi is not signed by the Canonical secure boot signing key, making installation without the usage of mok & shims or other methods (i.e.: user uploading keys to the bios) in a secure boot environment impossible.
Since refind, according to the authors page, respects the secure boot chain and will not start software that is not trusted it should also be signed to be usable as a valid and equal alternative to grub2.
To post a comment you must log in.
Status changed to 'Confirmed' because the bug affects multiple users.