Hello,
I have recently put vanilla Debian 13 on my Framework 13 (AMD 7640), and have been fiddling with secure boot settings, with the aim of using my own keys. I have determined that all of this would be easier with sbctl, which does not appear to be in the Debian repos, so I have proceeded by manually generating my keys. The UEFI firmware is able to find the keys when I save them to my EFI system partition, but asks for an Owner GUID. I can’t for the life of me find anything that says what this is supposed to be, or whether or not it has security ramifications. Can it be anything? Should it be the same as the GUID I used when using the sign-efi-sig-list command? (following the manual instructions on the Arch Wiki Unified Extensible Firmware Interface/Secure Boot - ArchWiki )
Any insight here would be appreciated.