[Bug 1884566] Re: Please provide dual-signed shim chained to both MS & Canonical certificates
Steve Langasek
1884566 at bugs.launchpad.net
Mon Jun 22 23:54:57 UTC 2020
Regarding shim-canonical, this looks to me like it should be a one-off,
and future signing requests should be done through the shim package
itself. Can you raise an MP for that?
Also, is it really the Ubuntu online signing key that you want to be
signing this shim, and not the UC20 online signing key?
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shim-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1884566
Title:
Please provide dual-signed shim chained to both MS & Canonical
certificates
Status in shim-signed package in Ubuntu:
New
Bug description:
Please provide dual-signed shim chained to both MS & Canonical
certificates
Implementation provided as:
- shim-canonical => to submit shim for signing (ideally this portion of code should be merged into the src:shim package, when we rebuild it from scratch next)
- shim-signed => to construct dual-signed shim
This also makes it easier to test shim uploads, as a PPA built of
shim-canonical, produces signed shim, for which one can import a
certificate and use straight away.
See:
https://code.launchpad.net/~xnox/ubuntu/+source/shim-signed/+git/shim-signed/+merge/386190
https://launchpad.net/ubuntu/groovy/+queue?queue_state=0&queue_text
=shim-canonical
This work is required for UC20 1.0 release
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1884566/+subscriptions
More information about the foundations-bugs
mailing list