That’s what MidnightBSD did.

California residents are not authorized to use MidnightBSD for desktop use in the state of California effective January 1, 2027. California law CA AB1043 requires a complex age verification system implemented for operating systems with no exceptions for small open source projects. At this time, we don’t have development time or a plan in place for this.

The photo ID requirements are what will come next.

It keeps someone from booting code that hasn’t been signed with my key. That’s the whole point of secure boot. If someone else has the key, then it’s not secure anymore.

Secureboot is worthless if the Microsoft keys are still enabled. It should only allow code that you sign yourself to boot.

Be sure to keep everything up to date too. Even openssh has had multiple vulnerabilities just this year.