Patina: a Rust implementation of UEFI firmware

(github.com)

132 points hasheddan | 1 comments | 10 Oct 25 21:02 UTC | HN request time: 0.199s | source

Show context

treffer ◴[11 Oct 25 10:25 UTC] No.45547992[source]▶

>>45543746 (OP) #

Interesting. But who is OpenDevicePartnership?

Looking at the members on the repository this seems to be a Microsoft project?

replies(1): >>45548383 #

mariuolo ◴[11 Oct 25 11:45 UTC] No.45548383[source]▶

>>45547992 #

Can one even do UEFI firmware projects without at least keeping Microsoft in the loop?

As far as I remmeber, they control the issuance of keys for bootloaders. Or is this project supposed to do away with that?

replies(5): >>45551246 #>>45551954 #>>45670901 #>>45672708 #>>45674194 #

1. p_l ◴[22 Oct 25 19:45 UTC] No.45674194[source]▶

>>45548383 #

It's not that Microsoft controls the issuance, it's that their keys are pretty much guaranteed to be installed and thus getting your keys signed with their CA means you can use the pre-existing trust roots.

They are also the one party that is forcing freedom-enabling but formal standard breaking ability of resetting Platform Key, because Microsoft actually documents (or used to) a process to deploy systems signed with your own key as part of the highest security deployment documentation for enterprise customers

↑