Canonical 和 Red Hat 呼吁 Secure boot 選擇權

幾個星期前微軟要求win8認證客戶機支持安全啟動，啟動進程內的所有固件和軟件都需要可信CA簽名，顯然微軟試圖鎖定啟動進程，阻止安裝無簽名的第三方系統如Linux。前不久，自由軟件基金會(FSF)就此發表聲明，稱限制性的安全啟動將會讓電腦只能運行微軟的操作系統，限制用戶安裝自由軟件GNU/Linux的自由，它呼吁簽名抵制。（原報道）現在Canonical 和 Red Hat 聯手發布白皮書UEFI Secure Boot Impact on Linux [PDF]，由Jeremy Kerr, Matthew Garrett, and James Bottomley撰稿，呼吁所有用戶應擁有Secure Boot選擇權，系統商應建立一個機制讓用戶來配置自己認可的軟件列表，PC機應包含一個應用界面允許用戶輕易啟用/禁用Secure boot。

“We present a set of recommendations that will allow users the freedom to choose their software, while retaining the security features of UEFI Secure Boot, and complying with open source licenses used in distributions of Linux.”

另外：

Linux基金會同樣也于今日發表了一份UEFI Secure Boot白皮書：Making UEFI Secure Boot Work With Open Platforms，由James Bottomley and Jonathan Corbet撰稿。

“Linux and other open operating systems will be able to take advantage of secure boot if it is implemented properly in the hardware. This document is intended to describe how the UEFI secure boot specification can be implemented to interoperate well with open systems and to avoid adversely affecting the rights of the owners of those systems while providing compliance with proprietary software vendors’ requirements.”

兩份白皮書都定義了UEFI Secure Boot 規范應如何定義，以讓PC正常運行自由操作系統。

本文轉載自: http://blog.51osos.com/linuxnews/canonical_redhat_secure_boot/