On Wed, 26 Jun 2024 at 21:36:19 +0100, Steve McIntyre wrote:
We need to document that i386 Secure Boot is no longer supported. We
no longer have signed kernels, and we no longer have a signed
shim. Signed GRUB and fwupd-efi packages will also be removed soon.
This has mostly been overtaken by events: we no longer have *unsigned*
kernels for i386 either, or an installer.
<https://www.debian.org/releases/testing/release-notes/issues.en.html#reduced-support-for-i386>
describes the reduced support for i386 in more detail, and I think
"there is no Secure Boot" doesn't need saying explicitly when we are
already effectively saying "you can't boot it" :-)
(https://bugs.debian.org/1107976 is a related request for better wording
about this in the introduction.)
On Thu, 27 Jun 2024 at 12:16:06 +0000, Thorsten Glaser wrote:
Might want to note this on amd64 as well, for those
64-bit systems with 32-bit EFI.
I think this is the only thing that might possibly benefit from
documenting separately - although as Steve said, amd64 systems with
32-bit EFI are rare, so perhaps it isn't worth it.
smcv
