totony | 3 years ago
You can sign initrd and check it using (signed) grub. But yes you need local key enrollment. Maybe making this easier is the solution though? Instead of relying on Microsoft to be charitable with its keys.
>No rollback protection (no way to cryptographically invalidate access to TPM-bound secrets on OS updates)
Revoke the key used to sign either grub, the kernel or the initrd?
>Unified Kernel Image
UKIs are systemd-specific and mostly a joke AFAICT. Linux supports embedding an initrd into its EFI binary. Why make a new thing?
The main object of this whole article is to make PCRs contain hashes of the current system state. Its only advantage is that it can be used to restrict some TPM access. To do that, it tries to introduce a new way to do things which adds nothing for the average user. This is mainly useful for distributions that want to have complete control over the boot process (most Linux distributions do not). A distribution can already do most (everything?) of what is suggested using rotating keys/key revocation locally, but this would introduce the possibility of forced attestation of local state. It's a plus for big organizations, but I fail to see how this improves the state of Linux for the user. At best it's an alternative to using local signing (which is already possible), at worst it's an entry into attestation of local state (DRM).