[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [Xen-users] Re: Unsigned GPLPV drivers
> > On Wed Jul 15, 2009 at 10:56:38 +0200, Klaus Steinberger wrote: > > > I was under the impression that using bcdedit to set the > > > DDISABLE_INTEGRITY_CHECKS loadoption and nointegritychecks option would > > > remove any restrictions on using unsigned drivers, but it would appear > > this > > > perhaps on applies to Vista, not Windows 2008. > > > > It even does not work in Vista (starting with SP1). > > > > Only way is to use Ready Driver Plus > > Yes, I ran that once and my general feeling is that it's a very hacky > "solution". > > Is there any likelihood of the GPLPV drivers getting signed with a "real" > certificate? The Microsoft documents on driver signing are a bit vague on > what is actually required but it doesn't seem as if the full WHQL testing > needs to be done, you only need an SPC certificate from a trusted CA. For > example Comodo are selling code signing certs for $179 for a year. > > Could "anyone" then purchase one of these certificates and sign the GPLPV > drivers? > I'm pretty sure it doesn't work that way. The drivers need to be signed by Microsoft (in addition to a regular code signing cert I think). The reasoning from Microsoft's point of view is that if someone writes crappy drivers it makes Windows look crappy, so they make you test them against Microsoft's testing framework (WHQL) and then submit the logs to Microsoft, and if they are happy they stamp them with their secret key. I don't really agree with it (it's entirely possible to write a crappy driver that passes WHQL) but I can understand where they are coming from. James _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |