UEFI still Looking for Second Certification Authority

Subscribe To Read This Insight

3Q 2014 | IN-1019803

UEFI Still Sparks Debate


The Unified Extensible Firmware Interface (UEFI), the standard firmware interface for PCs, designed to replace the BIOS as a new model for the interface between the OS and the platform firmware, is continuing its slow but steady uphill struggle for multi-OS endorsement. As a neutral architecture based on an open source implementation, the UEFI specification is owned by the UEFI Forum, and members agree to deliver licenses when requested by other members free of charge, which has greatly reduced barriers to adoption. However, regarding the Secure Boot feature, debate still rages. PKI is the core infrastructure used for Secure Boot where a database of authorized keys is stored within the UEFI firmware. The database used can vary, including DB, DBX, KEK, or PK. The Forum suggests either the OEM preinstall the key in PK or the OS includes the vendor keys in KEK and DB. The snag is that the Certificate Authority (CA) for the UEFI PKI is managed by Microsoft. The arguments have prima...

You must be a subscriber to view this ABI Insight.
To find out more about subscribing contact a representative about purchasing options.