Secure boot? MS cutting out most other OSs

I always hope that manjaro signs the boot manager and kernel in the software source, and then publishes the public key as a software package in the software source. Finally, the user can import the public key in the BIOS, and the secure boot can be enabled.

However, some developers replied that because of the nvidia driver, you need to turn off secure boot, but I think even after signing the boot manager and kernel, you can still turn off secure boot in the BIOS, and users who do not use NVIDIA drivers can still choose to enable it. Safe booting can obviously improve system security and ease of use. It is obviously a troublesome and repetitive thing for users to sign the kernel and boot manager by themselves.

And if the kernel and boot manager are automatically signed when the software package is compiled and the private key is unchanged, it seems that you only need to import the public key into the BIOS once.

I wonder what arch distro will be the first to bring secure boot. I periodically check the forums as i’m waiting for this achievement. Secure boot is simply great. Hope M$ pushes everyone, and users will profit.

Linux distributions can sign the kernel and boot loader themselves, even if they don’t use Microsoft’s key to sign the kernel and boot loader. Users only need to import the public key once for the secure startup to work. If the Linux distribution doesn’t sign the kernel and boot loader, To use Secure boot, users have to sign the kernel and boot loader themselves.
And Microsoft has announced that they will no longer sign up for grub2 as a versatile bootloader.