Flickdm
commented
7 months ago Hey @Wack0, thanks for the comment. This repo is meant for general purpose UEFI Secure Boot Objects and not Windows specific payloads. At this time we don't have plans to describe SkuSiPolicy here. The information we've shared publicly on SkuSiPolicy may be found here.
The readme states that this repo exists partially for transparency purposes.
Boot applications from th1+ that are vulnerable to baton drop were revoked by skusipolicy due to lack of dbx space.
skusipolicy is currently a single blob containing opaque hashes.
Are there any plans to also describe the contents of skusipolicy in this repository, or, if not that, then in some other location?