Message 1 of 2
20 Apr 17 02:07
Join Date: 13 Apr 2017
Posts To This List: 8
[OSR-DETECTED-SPAM] RE: SecureBoot/Driver signing for corporate usage
Thank you David,
Undoubtedly the driver must be signed and it is signed.
The problem arose when the sign is not enough in Win10 >1607 and SecureBoot
The recommended way is submitting the driver for MS attestation and resigning
(cross signing) by MS (via sysdev portal). After resigning the problem will be
BUT (how it could be without buts and ifs), the submission requires granting MS
some rights (to distribute the driver etc).
The driver however is a part of a corporate system and formally is under our
trade secret conditions. It?s just our company policy.
So granting such rights to a third party (in spite of trusted or not) is not a
good way to move forward seamlessly. The subject is under discussion with our
law dept at the moment.
I am utterly not sure that the dept would grant such permissions to a third
party, so looking for a workaround (not based on disabling Secure Boot
completely of course)