All, I'd like to suggest that the openSUSE 12.3 boot/install media have the new Linux Foundation pre-boot Secure Boot utility as the first stage of booting. That is in addition to the already discussed plans for handling UEFI secure boot after the initial install. == details There is a new Linux Foundation pre-boot Secure Boot utility available. http://www.linuxfoundation.org/news-media/blogs/browse/2012/10/linux-foundat... Interesting and I'm glad to see it, but it doesn't fundamentally change things for UEFI Secure Boot systems running openSUSE 12.3 and newer. But it does for non-compliant systems that don't have a way to disable Secure Boot during OS installs. As it strongly implies, a pre-boot loader is being created by the Linux Foundation and they are going through the process of getting it signed by an official Microsoft Key. That means all UEFI Secure Boot systems will see this new pre-boot loader as being properly signed. (The new pre-boot loader is going to require a human is at the keyboard before it advances to the boot sequence, so it is not a panacea, especially for servers.) Thus the mechanism to boot non-Microsoft signed media like the openSUSE install media becomes: - Disable Secure Boot in the bios, either one time or permanently OR - Boot via the new Linux Foundation pre-boot loader, confirm you are physically present, then continue boot process to non-signed CD/OS/etc. It seems the openSUSE 12.3 install/boot media should have the new pre-boot loader as the first stage of booting. That would also mean that people using those media won't have to disable secure boot in the bios during installs. It will make the install process much more seemless if the user doesn't have to go into the bios prior to doing the install. Greg -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org