Δημοσιεύτηκε: 14 Ιουν 2012, 18:45
κάτι ενδιαφέρον για τα κλειδιά (από forum)
έγραψε:I think the assumption here is that the keys don't expire, but yes, there is a mechanism for blacklisting either keys or individual signatures. A KEK-signed update can be pushed and flashed at runtime without requiring the user to do a full BIOS update - on Windows I'd expect that to happen as part of Windows Update, Linux distributions will obviously have to figure out some mechanism.