Linux UEFI compromise reasonable, still sucks
Life is full of trade-offs, and many times they are not palatable for every side. Such was the trade-off proposed by Fedora developers this week to solve the upcoming obstacle of UEFI secure booting on Windows 8-certified machines.
Red Hat developer Matthew Garrett has been trying to find a solution for this major obstacle since he brought it to public attention last Fall. Last week, his proposal sent shockwaves through the community. Rather than create a Fedora-specific key that could unlock the UEFI secure boot feature (but only for Fedora), Garrett and his team are proposing a more open two-stage bootloader approach.
After paying a one-time $99 certification fee to Verisign for a Microsoft-signed certificate, the first-stage bootloader will have one job: boot to a second bootloader that's signed with a Fedora key and have the second bootloader (Grub 2.0) roll into Fedora or whatever the user chooses.