-
Notifications
You must be signed in to change notification settings - Fork 131
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Shim 15.6 for Cisco PuzzleOS #262
Comments
Looking:
Queries:
|
Hi @steve-mcintyre, |
Sorry, but that's a little disconcerting here for me. I'm always a bit worried to see things open wider than they need to be in this context. @frozencemetery @julian-klode @vathpela what do you think here please? |
Sorry, meant to say they were generated as 3 self-signed CA certificates. |
At the very least I'd want it documented in the submission, which it currently isn't.
I mean, sure, but why though? Why not generate them without that?
I would think this presents an auditability problem: sure, you don't want to, but they can be - nothing stops them from signing another cert.
I think I share this concern. |
We used self signed CA certificates in the proposed shim simply out of convention and consistency. Most of the accepted shim requests we looked at had CA certificates. |
@steve-mcintyre, @frozencemetery , |
Hi. Any new status? |
Sorry to keep you waiting...
All done! |
Thanks! |
@joylatten Did you receive a signed shim? |
Well, closing in any case due to #307 |
@frozencemetery , unfortunately, we are waiting on Microsoft to sign our shim. |
oh gosh, @frozencemetery do I need to resubmit and use 15.7 with NX? |
If you have to re-submit then yes, you'll need to do NX with 15.7. What state is your submission in on the MS partner site? |
@steve-mcintyre its in the review state |
I think you may need to prod folks at MS about this then - normally things in "review" state get signed within a few days of the "accepted" label here, |
@steve-mcintyre , thanks, I will give it a try and cross my fingers. It has been in review for a few weeks now. |
They have been happy to continue to sign things without nx, so long as they were submitted before the deadline. |
@steve-mcintyre ok, thanks. Hopefully they will consider my first submission is the same as the 2nd one, just the EV |
Confirm the following are included in your repo, checking each box:
What is the link to your tag in a repo cloned from rhboot/shim-review?
https://github.com/puzzleos/shim-review/tree/puzzleos-shim-x86_64-20220706
What is the SHA256 hash of your final SHIM binary?
c44d3bff9c43a24b443a8ba48cf8963441291b48e44c6e427d628e8a05a64e46 shimx64.efi
The text was updated successfully, but these errors were encountered: