The GPL says:
If you convey an object code work under this section
in, or with, or specifically for use in, a User Product, and the conveying
occurs as part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a fixed term
(regardless of how the transaction is characterized), the Corresponding Source
conveyed under this section must be accompanied by the Installation
Information.
They have all these terms broken down, but the
end result is that if Canonical distributes a software upgrade for a piece of
hardware, then it is up to Canonical to insure that anybody else can modify
Canonical's code and distribute their own upgrade.
Now the negotiation
between Canonical and the OEM gets a lot more complicated. As you say, there
could be another key, but it is now up to Canonical to insure there is (since
they directly distributed object code signed to be able to be used on this
hardware), and to somehow allow others to use it without allowing everybody to
use it. Provenance is an important point of secure boot, so having an
"everybody can sign with this" key is just not going to fly. If party X can
sign with a key, then (a) that key had better be traceable back to party X, and
(b) the user ought to be able to keep from inadvertently installing party X's
key if he doesn't want party X's stuff.
If you hand me a CD and say "this is
the latest signed Ubuntu" and I shove it in my drive, I'd somehow like to know
that it was really signed by Canonical. How do you reconcile that with letting
everybody sign stuff, especially if you don't have network stuff until you
boot?
BTW, if you have network stuff before you boot, you're now
relying heavily on a (probably) closed source BIOS to do the right thing on your
behalf. [ Reply to This | Parent | # ]
|
