[if gte mso 9]>
Subject: Re: [edk2] UEFI Secure boot.
From: "Rosenbaum, Lee G" <firstname.lastname@example.org>
To: "email@example.com" <firstname.lastname@example.org>
Date: 2012-02-04 08:28:38
Yes, the UEFI Spec is a good place to start, specifically:
Section 3.2 Globally Defined Variables)
Sections 7.2 (Variable Services)
Sections 27.2 through 27.8 (Secure Boot)
Should be possible to add secure boot to OVMF but I don’t know if anyone has done that yet
At a high level, when secure boot is enabled, only digitally signed UEFI images (ie OS loaders, …) can run.
Signing is per the Microsoft PE/COFF and Authenticode specs (links in the UEFI spec)
One doc that may help is:
Intel Technology Journal issue on Pre-OS Security, page 80 at
From: satish kondapalli [mailto:email@example.com]
Sent: Friday, February 03, 2012 9:19 AM
Subject: [edk2] UEFI Secure boot.
I want to know about UEFI Secure boot. What services it will provide?. Is there a way to test secure boot through OVMF or any other Package?.
I started looking into UEFI Spec. Can any one explain at high level overview what UEFI secure boot will do?
Please provide any DOCs for UEFI secure boot...