improve dynamic os installation instructions #175
Description
Step 3 assumes os is installed but os is installed in step 4
as discussed in matrix step 3 maybe can be split into separate categories like step 1 for example "no os installed" and "os installed" and maybe also another one for "reinstalled os"
noteable excerpts from matrix:
user1:
Not sure I see the inconsistency
Users are supposed to land at https://osresearch.net/Install-and-Configure
Step 1 - Building Heads
Step 1 - Downloading Heads
Step 2 - Flashing Guides
Step 3 - Configuring-Keys
Step 4 - Installing Qubes and other OSes
Where users can either install OS first (recommended if you flashed) when then Heads will pick on
Logic under Heads is
- No OS installed: guide user into USB booting and installing.
- OS dectected installed but no public key fused in firmware: propose user to inject public key or do OEM Factory Reset/Re-Ownership
Then follow. The problem lies when users reinstall OS: if there is public key fused, check passes. But then OS /boot has not digest, so probing
users to sign, but no way to verify, currently, that fused key is the one matching private key counterpart.
User should make sure public key fused is good or do re-ownership if they reinstall.
Most users will go through flashing+installing OS + configuring keys + configuring default boot + TPM DUK.
Problems lies when steps are not followed, or OS reinstall.