From 8cb03108e0d9e2134c213c06936858e70d42efad Mon Sep 17 00:00:00 2001
From: mintsuki <mintsuki@protonmail.com>
Date: Tue, 7 Feb 2023 00:49:40 +0100
Subject: [PATCH] docs: README.md: Document secure boot and config hash
 enrolling

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index b90a4f72..fbc27c37 100644
--- a/README.md
+++ b/README.md
@@ -134,6 +134,12 @@ The boot device must contain the `limine.cfg` files in
 either the root, `limine`, `boot`, or `boot/limine` directory of one of the
 partitions, formatted with a supported file system (the ESP partition is recommended).
 
+### Secure Boot
+Limine can be booted with secure boot using shim. This will also allow one to enroll
+the BLAKE2B hash of the Limine config file into the Limine EFI executable image itself for
+verification purposes.
+For more information see the `limine-enroll-config` program and [the philosophy](/PHILOSOPHY.md).
+
 ### BIOS/MBR
 In order to install Limine on a MBR device (which can just be a raw image file),
 run `limine-deploy` as such: