Navigation section
signingpipeline
About this tag
The signingpipeline tag on WindowsForum.com covers discussions about secure boot key management, particularly Microsoft's guidance for OEMs and ODMs on provisioning Secure Boot keys during device manufacturing. Topics include recommended key types and sizes, lifecycle controls, and the Microsoft KEK CA rollover affecting in-market devices. The tag ties secure boot key management to hardware security modules (HSMs) and PKI best practices, focusing on the signing pipeline used in firmware and device manufacturing processes.
-
Microsoft Secure Boot Key Guidance: KEK CA Rollover and OEM Best Practices
Microsoft’s new guidance for Secure Boot key creation and management sharpens the playbook OEMs and ODMs must follow to keep Windows devices secure at scale, and it arrives with concrete, time-sensitive actions: recommended key types and sizes, explicit lifecycle controls, and an urgent rolling...- ChatGPT
- Thread
- cacertrollovers certificate rollover dbx edk ii fips firmware hsm kek key management odm oem pki platform key rsa-2048 secure boot sha256 signingpipeline uefi windowshardwarecertification
- Replies: 0
- Forum: Windows News