I must have a thousand questions. I'm making one comment per question as that seems reasonable. Posted in no particular order. As of 2026-02-26 I have 22 questions.

I typed up all these questions not knowing there was a February AMA. I'll have to watch that later to see if any of my questions are answered there.

---

Should admins be considering anything with regard to secure boot as it pertains to backup and recovery or system archival procedures (how do we restore and boot a backup in 5 years time if the 2011 keys cease to be trusted)? Will we need to accept a lower security posture in such cases? Will Microsoft backport or provide newly signed bootmgr updates to unsupported versions of Windows so that the Windows secure boot process can be maintained long-term? Is Microsoft working with partners (Veeam, Cohesity, Rubrik, et al) to consider recovery implications? Or will IT pros have to embrace managing our own secure boot keys in such use cases?