Update README, ISSUE_TEMPLATE with submissions questions from Microsoft HDC

[shim-review.git] / ISSUE_TEMPLATE.md

diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md
index 1951d31..1149ba1 100644 (file)
--- a/ISSUE_TEMPLATE.md
+++ b/ISSUE_TEMPLATE.md
@@ -12,14 +12,38 @@ Make sure you have provided the following information:
 ###### What organization or people are asking to have this signed:
 `[your text here]`
 
 ###### What organization or people are asking to have this signed:
 `[your text here]`
 

-###### Version of shim:
+###### What product or service is this for:

 `[your text here]`
 
 `[your text here]`
 

-###### Sysdev Submission ID:
+###### What is the origin and full version number of your shim?

 `[your text here]`
 
 `[your text here]`
 

-###### What product or service is this for:
+###### What's the justification that this really does need to be signed for the whole world to be able to boot it:

 `[your text here]`
 
 `[your text here]`
 

-###### What's the justification that this really does need to be signed for the whole world to be able to boot it:
+###### How do you manage and protect the keys used in your SHIM?
+`[your text here]`
+
+###### Do you use EV certificates as embedded certificates in the SHIM?
+`[your text here]`
+
+###### What is the origin and full version number of your bootloader (GRUB or other)?
+`[your text here]`
+
+###### If your SHIM launchers any other components, please provide further details on what is launched
+`[your text here]`
+
+###### How do the launched components prevent execution of unauthenticated code?
+`[your text here]`
+
+###### Does your SHIM load any loaders that support loading unsigned kernels (e.g. GRUB)?
+`[your text here]`
+
+###### What kernel are you using? Which patches does it includes to enforce Secure Boot?
+`[your text here]`
+
+###### What changes were made since your SHIM was last signed?
+`[your text here]`
+
+###### What is the hash of your final SHIM binary?

 `[your text here]`
 `[your text here]`