(In reply to Ludwig Nussel from comment #10) > There is no need to sign devel projects > with the official keys. I'm not sure -- does it happen now? I don't think so, as KOTDs have signature from the respective devel projects and mokutil imports them as you write. Not sure what keys are used for signing modules, but upstream kernel (and TW) does not check modules against MOK keys, only vendor ones.