Well, I'm pretty furious about this. Basically it involves signing up with Microsoft, paying a $99 one-off
fee and then getting them to sign a boot shim that will boot Grub2 that has been signed by a Fedora key. Then it has to be signed code all the way down to user space, so no loading out-of-tree drivers, filesystems or other modules, either FLOSS or proprietary (and certainly not a custom kernels) whilst Secure Boot is enabled.
I understand that it's a difficult circumstance, and I read the "You've Sold Out" section and all that... but this is ridiculous. We've already lost. We're giving Microsoft the keys to the entire kingdom. In what other industry would this argument work: "Microsoft basically have a monopoly on software because they force hardware vendors to sell hardware pre-loaded with their software. Instead of fixing this problem, we're going to literally give them the ability to block all of their competitors from being compatible with all of the hardware, and then sell compatibility back to their competitors." This has to be the most flagrant anti-trust violation I have seen. Okay, let me calm down and quote this bit from the article, just so readers don't get the wrong idea: While Microsoft have modified their original position and all x86 Windows
machines will be required to have a firmware option to disable this or to permit users to enrol their own keys, it's not really an option to force all our users to play with hard to find firmware settings before they can run Fedora.
So Microsoft is not *technically* enforcing this lock-down on competitors. But they are still clearly exerting enough pressure on competitors that they see no other option but to pay up and let Microsoft control the PC.