The ElderberryPi implementation intends to be an easy-to-use small business server that is secure by default. UEFI enables numerous security features, including ensuring the integrity of the firmware through trusted signature verification. This could also lead to support for UEFI Secure Boot in the future, which would create an integrity chain through digital signature verification from the firmware > boot loader > kernel > device drivers.
The ElderberryPi implementation intends to be an easy-to-use small business server that is secure by default. UEFI enables numerous security features, including ensuring the integrity of the firmware through trusted signature verification. This could also lead to support for UEFI Secure Boot in the future, which would create an integrity chain through digital signature verification from the firmware > boot loader > kernel > device drivers.
Boot EEPROM details: https://www.raspberrypi.org/documentation/hardware/raspberrypi/booteeprom.md
Description of UEFI Secure Boot process: https://docs.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process
Secure Boot Shim (pre-signed by Microsoft): http://mjg59.dreamwidth.org/20303.html
UEFI Firmware for the Raspberry Pi 4: https://github.com/pftf/RPi4