Secure boot is a feature of the Unified Extensible Firmware Interface or UEFI, the replacement for the BIOS on the motherboard.
Microsoft has implemented secure boot for Windows 8, using cryptographic keys for authenticating the kernel that is being loaded. This means that any other operating system looking to load itself on a secure boot-enabled Windows 8 system has to also be able to authenticate itself.
Some GNU/Linux distributions have developed their own methods of booting on such hardware. However, installing such distributions alongside Windows 8 is still not an easy task for the average user.
"To avoid having to go back and re-certify and sign their boot loader every time they needed to make any change to it, the Linux folks created a very minimal "loader" that does nothing more than load their real loader which then works as before. And since the handoff is from their shim loader, for which they know the key being used, they can sign their real loader any time they need to change it.
McKusick said FreeBSD planned to do the same thing. "Indeed we will likely take the Linux shim loader, put our own key in it, and then ask Microsoft to sign it. Since Microsoft will have already vetted the shim loader code, we hope that there will be little trouble getting them to sign our version for us."
Asked about a timeline for the implementation of secure boot support, McKusick replied: "We just started pursing this after a UEFI strategy meeting at BSDCan in May, so we have not yet gotten far enough through the process to have any idea when we will be able to have something that we can use.
"Microsoft could be very responsive or not. My feeling from having talked to others is that Microsoft is only willing to go along with other operating systems at all just so that they could get the program in place. Now that they can point to at least one other example that uses secure boot they may not be in a big hurry to add more. Or they may get off the dime. We shall see."
McKusick said the goal was to have at least FreeBSD able to dual-boot on a PC running Windows 8 with secure boot.
"I don't yet know what legal limitations Microsoft will put on us signing for other folks' boot loaders. Based on past examples, we will likely only be permitted to sign our own releases," he said when asked this would also apply to forks of FreeBSD.
FreeBSD is one of three operating systems derived from the BSD which was developed at the University of California in Berkeley. All three - the others are OpenBSD and NetBSD - enjoy a very good reputation for security and run some of the internet servers with the longest uptimes.