UEFI Secure Boot Key provided by Linux Foundation
The Linux Foundation has decided to take action to allow everybody to continue using open source operating systems even on Secure Boot systems
There have been plenty of valid concerns regarding the future of computing in regards to UEFI Secure Boot, mainly how it will lock out people wanting to install a Linux distribution. The Linux Foundation has been following the situation, and has decided to take action by purchasing a key from Microsoft, and signing their own small pre-bootloader that will be available to all users of open source.
The Linux Foundation explained their reasoning behind it in a blog post:
“The Linux Foundation is committed to giving users freedom of choice on their platforms. Conforming to this stance, we have already published a variety of tools to permit users to take control of their secure boot platforms by replacing the Platform Key and managing (or replacing) the installed Key Exchange Keys…however, as one of the enablers of the Linux ecosystem, the Foundation recognizes that not everyone is willing (or able) to do this so it was also necessary to find a solution that would enable people to continue to try out Linux and other Open Source Operating Systems in spite of the barriers UEFI Secure boot would place in their way and without requiring that they understand how to take control of their platforms. Therefore, we also formulated a technical plan, which is implemented in this pre-bootloader, to allow distributions to continue functioning in a secure boot environment.”
The source code for the pre-bootloader is available at the moment without the key, and you can get using GIT as Loader.c. The Foundation admit that it will take a little time for the key and signature to be obtained, but will update everyone when its been done.