| ▲ | epakai 7 hours ago | |
Existing systems are going to continue to boot. The expiry date is enforced for signing new binaries, not for deciding whether an already signed binary is allowed to boot (barring buggy firmware). https://mjg59.dreamwidth.org/72892.html (Secure boot certificate rollover is real but probably won't hurt you) https://wiki.debian.org/SecureBoot/CAChanges#OMG.21.21.21_Wi... | ||
| ▲ | amlib 5 hours ago | parent [-] | |
> he expiry date is enforced for signing new binaries Does this means that updating my system kernel would fail or even break boot? | ||