by achille2 4697 days ago
The knee jerk reaction to secure boot-anything from the technical community has been generally "No!", "It's a trap" etc.
3 comments

The knee jerk reaction is not to secure boot but to who has the ability to set the keys. The technical community likes to be in control of that.
That is closely tied to "who gets to audit the source".

E.g. the FOSS community wasn't a fan of only-trusted-secure-boot when it was Microsoft holding the keys and the source and releasing neither.

For PCs and smartphones, which can have higher level security structures, the community is violently against secure boot. For firmware-based embedded components, most people aren't so strongly opposed to it.
Not that their opinion is the community's, but the FSF is not against secure boot even for PCs and smartphones, only against "restricted boot" - that is, secure boot without giving the keys to the user.
Here you said "knee jerk" where you meant to say "logically principled and wise". Also "common sense" would work in certain circles.

Secure boot isn't a technical solution to a soft/firmware update problem. It's a control mechanism to solve a management problem. Crazy idea: don't put the interface that has access to firmware on the standard interface. Use its own interface and allow motherboard manufacturers to support it for enterprise/datacenter-geared systems.