Add UEFI/SecureBoot docs from Ubuntu wiki

[rkratky]

This adds content related to UEFI Secure Boot from the Ubuntu Wiki -- as a part of the effort to migrate docs from the wiki.

Notes:

• The new articles are marked as WIP and not official docs.
• While I have updated the content, added semantic mark-up, and reformatted it, more work is needed, including clean ups and removals of obsolete info; there are also sections that are marked as needing fixes.
• The .wokeignore file has been moved to the root of the repo temporarily because of an upstream bug: Nested .wokeignore doesn't work in a git repo. get-woke/woke#212

[kukrimate]

signtool.exe? typo?

[kukrimate]

I think it's worth mentioning that both methods are just as real.

Microsoft signing is so that off-the-shelf Windows machines will trust your binary, otherwise you have to enroll your public key in the firmware.

Also worth noting that Microsoft signing is only available and should only be used for production code that is expected to be used by regular users on off the shelf hardware.

[kukrimate]

xenial is absolutely ancient

[kukrimate]

also maybe we should be promoting our own product, LXD, instead of libvirt?

[kukrimate]

EFI shell should be removed from SB article as EFI shell is forbidden from SB signing, and cannot be included in SB firmware images anymore.

[kukrimate]

Canonical's key should be only used via shim, and not via KEK and DB currently, suggesting this is insecure.

[kukrimate]

@rkratky a large part of this content is incredibly out of date, and some parts of it suggest insecure practices, I am honestly not sure if we should be displaying this in this state anywhere.