At its WinHEC hardware conference in Shenzhen, China, Microsoft talked about the hardware requirements for Windows 10. The precise final specs are not available yet, so all this is somewhat subject to change, but right now, Microsoft says that the switch to allow Secure Boot to be turned off is now optional. Hardware can be Designed for Windows 10 and can offer no way to opt out of the Secure Boot lock down.
The presentation is silent on whether OEMs can or should provide support for adding custom certificates.
(Score: 2) by maxwell demon on Saturday May 30 2015, @11:01AM
Then someone should write an utility that makes it easy. I don't see why the utility would need an user interface more complicated than
where the first argument is the name of the unsigned boot loader file, the second names the file containing the private key, and the final argument specifies where to write the signed bootloader.
The Tao of math: The numbers you can count are not the real numbers.