#972268 ipxe-signed - PXE boot firmware EFI signed binary

Package:
src:ipxe
Source:
ipxe
Submitter:
Thomas Gaugler
Date:
2026-03-10 17:01:01 UTC
Severity:
wishlist
Tags:
#972268#5
Date:
2020-10-15 14:54:54 UTC
From:
To:
Dear Maintainer,

I would like to enable PXE booting within the win32-loader package under
an UEFI Secure Boot regime.

The original request (https://bugs.debian.org/962161) did not include
the secure boot requirement. However a signed ipxe efi binary would
simplify the matter for the users.

I guess an approach similar to the fwupdate-amd64-signed could be taken
to provide a signed PXE boot firmware EFI binary.

Thanks in advance!
#972268#10
Date:
2020-11-17 20:26:21 UTC
From:
To:
Hi Thomas

I'm sorry, but this is not gonna happen, at least in the short term.
Someone needs to do a security audit of ipxe and that someone is not me.

Regards,
Bastian
#972268#19
Date:
2026-03-10 16:58:36 UTC
From:
To:
Hi, all

iPXE 2.0.0 has released a version signed by iPXE's shim, which is then get
signed by Microsoft's Secure Boot CA. Despite of it it seems to be difficult
to have such a signed bootloader shipped in Debian.

If the situation changes, I'll post updates here.

Cheers,

Miao Wang