Yes I can.
But I am a Linux system administrator with 20 years of experience.
This should not be the level of measurement for stuff like this. 😉
What I meant was: Don’t put a Microsoft master trusted authority in the Kernel, unless one chooses to install a Microsoft distribution.
And don’t go the SSL/TLS way with the huge number of default authorities that get installed on every system.
It would be a pain to be forced to always build my own Kernel again just to keep Microsoft or any other institution/company that I find untrustworthy out of it.
I hope we will learn from the SecureBoot debacle and not give Microsoft the primary signing keys and infrastructure for this again.
You can generate your own.
Yes I can. But I am a Linux system administrator with 20 years of experience. This should not be the level of measurement for stuff like this. 😉
What I meant was: Don’t put a Microsoft master trusted authority in the Kernel, unless one chooses to install a Microsoft distribution. And don’t go the SSL/TLS way with the huge number of default authorities that get installed on every system. It would be a pain to be forced to always build my own Kernel again just to keep Microsoft or any other institution/company that I find untrustworthy out of it.