It would appear that on Oct 24, Greg Freemyer did say:
The keys themselves are public, but you as the hardware owner will have to approve keys being added to public key database and therefore ensure you are only adding public keys for entities you trust.
"trust"??? OK if I'm supposed to add keys based on trust, how to subtract Microsoft??? {snicker} Actually I'm wondering about this: These public keys are effectively embedded in the kernel code somehow right? Or would it be possible for knowledgeable PC owner, to create his own "trust" key set. And then use it to "sign" an existing, older, formerly unsigned kernel. Then as PC Owner, add that key... {You see where I'm going with this right?} And if so, is there any reason that technique couldn't be used to install and run something like dos? {I have a couple of antique games you see} -- JtWdyP -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org