implement Secure Boot in ISO
Chakra has no support for secure boot, we should add that.
And btw new windows 10 laptops will ship it on by default, and not every laptop will allow users to turn it off. http://www.pcworld.com/article/2901262/microsoft-tightens-windows-10s-secure-boot-screws-where-does-that-leave-linux.html
This is how we do it:
import some tools we will need (efitools, sbsigntools, shim, refind). I have PKGBUILDs for all of them
create calamares module for installing rEFInd as bootloader and shim as prebootloader (it's just a bootloader that boots before rEFInd).
create Chakra private and public key
sign kernel (actually /boot/vmlinux-linux) and rEFInd externally to chroot because we can't share private key