Comment # 4 on bug 1173115 from Ludwig Nussel

Moving to kernel then. If that behavior is intentional we should document it in
the release notes.

It feels a bit like a layering violation to mess with the certs in the kernel
%post also. Shouldn't update-bootloader take care of the certs instead?