"In theory, there should be no problem. In practice, the situation is more complicated," Sullivan asserted. "As currently proposed, Secure Boot impedes free software adoption," essentially by making it more difficult for users to install and try free software, he explained.
'Much to Like About Fedora's Thinking'
Fedora's approach, for those who missed it, is to pay $99 to Verisign for unlimited use of Microsoft signing services, allowing its first stage boot loader to be signed with a Microsoft key. The distro will, however, also allow users to work with their own self-generated keys, Sullivan noted.
"There is much to like about Fedora's thinking," he wrote. "Their process of deliberation evinced concern for user freedom; it's clear that the Fedora team sought a solution that would work not just for their own GNU/Linux distribution, but for as many free software users and distributions as possible."
Fedora's solution is also compliant with GPLv3, Sullivan added, though he did point out two "serious problems" with its approach.
'We Urge Canonical to Reverse This Decision'
As for Ubuntu's plan, "our main concern is that because they are afraid of falling out of compliance with GPLv3, they plan to drop Grub 2 on Secure Boot systems in favor of another bootloader with a different license that lacks GPLv3's protections for user freedom," Sullivan wrote.
"We urge Ubuntu and Canonical to reverse this decision, and we offer our help in working through any licensing concerns," he added. "We also hope that Ubuntu, like Fedora, will actively support users generating and using their own signing keys to run and share any versions of the software, and not require users to install a key from Canonical to get the full benefit of their operating system."
The FSF plans to continue fighting Secure Boot and educating the public, it says; it also hopes to work with hardware manufacturers and distributors to help protect user freedom.