A chain of trust enables multiple users to create and use software on a system. Digital certificates are verified in a chain configuration, and their keys are not stored directly in hardware. When you attempt to use the SBH without the software being digitally signed, the UI issues warnings. The signing authority only signs boot programs that enforce security, such as only running programs that are themselves signed, or allowing only signed code to have access to certain features of the machine. This process may continue for several layers.