Summary: Why won’t Microsoft tell PC manufacturers how to implement secure boot on their computer designs? Because anything they say can be used against them in a court of law. Literally.
In the brouhaha over UEFI, Microsoft, and secure boot, a couple of key facts have been left out of the discussion.
Microsoft will require OEMs who want their systems to be certified for use with the Windows logo to meet certain requirements. For Windows 8, one of those requirements is that the secure boot feature be enabled on any systems they sell that are built with UEFI firmware. As I wrote yesterday, that is a crucial security measure for PC buyers in an increasingly hostile security landscape.