Comment 166 for bug 1040557

And just for completeness of info in my last post, use of refind boot manager could be a usefull thing for people manually installing/configuring the boot process in the uefi setup. However I dont think by default it allows the secure boot chain to be passed down to the kernel, unless one uses/installs ones own PK (I think called custom boot mode at uefi firmware level) and suitable signing OR hash configuration in case of Linux foundations signed loader.