[OSR-DETECTED-SPAM] RE: SecureBoot/Driver signing for corporate usage

Thank you David,

Undoubtedly the driver must be signed and it is signed.
The problem arose when the sign is not enough in Win10 >1607 and SecureBoot (UEFI BIOS).
The recommended way is submitting the driver for MS attestation and resigning (cross signing) by MS (via sysdev portal). After resigning the problem will be solved.

BUT (how it could be without buts and ifs), the submission requires granting MS some rights (to distribute the driver etc).
The driver however is a part of a corporate system and formally is under our trade secret conditions. It?s just our company policy.
So granting such rights to a third party (in spite of trusted or not) is not a good way to move forward seamlessly. The subject is under discussion with our law dept at the moment.
I am utterly not sure that the dept would grant such permissions to a third party, so looking for a workaround (not based on disabling Secure Boot completely of course)

Thank you,
Serge

>in order to submit a driver for attestation

signing your company will be required to grant MS

Read the actual, complete, agreement… and what Mr. Roddy said.

It really is a non-issue *consult your lawyers*

You must have a lot of free time, because you’re making a problem to solve where none really exists.

Peter
OSR
@OSRDrivers