The last comment from Mathieu is still the current status. We have not toggled signature enforcement for xenial yet because we have a Canonical-supported kernel, linux-fips, which is published for xenial and there is not yet a version of this kernel which is both FIPS- certified and EFI signed.
The process of certifying a new kernel takes some time and depends on external entities. We are currently still in a holding pattern waiting for that external certification to be completed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1401532 Title: GRUB's Secure Boot implementation loads unsigned kernel without warning To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1401532/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
