[$] Linux and Secure Boot certificate expiration

Linux users who have Secure Bootenabled on their systems knowingly or unknowingly rely on a key fromMicrosoft that is set to expire in September. After that point, Microsoftwill no longer use that key to sign the shimfirst-stage UEFI bootloader that is used by Linux distributions to boot thekernel with Secure Boot. But the replacement key, which has been availablesince 2023, may not be installed on many systems; worse yet, it may requirethe hardware vendor to issue an update for the system firmware, which mayor may not happen. It seems that the vast majority of systems will not belost in the shuffle, but it may require extra work from distributors andusers.