How do I allow cross-signed kernel drivers in Windows 10 version 1607 with secure boot enabled?

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Policy]
"UpgradedSystem"=dword:00000001
  • https://www.geoffchappell.com/notes/security/whqlsettings/index.htm
  • https://forums.mydigitallife.net/threads/windows-10-anniversary-update-digital-signature-question.69970/#post-1272392

Both the blogpost and the forum post corroborate each other. I have added the following registry value on a Windows 10 version 1909 machine that had been upgraded from 1903 (therefore, the restrictions from 1607 apply).

Lo and behold...it worked. Previously, the driver had installed itself and appeared in the Device Manager, albeit with the oft-described "Code 52" warning. Now that error is gone.

I'm a Linux user and not a Windows guru. My previous (naïve) experiences have shown me that modifying the registry can lead to issues, so I don't really know what sort of externalities will follow from adding this registry value. I'll defer instead to Geoff Chappell's blogpost, as he seems to know what he's writing about; it seems like adding this registry value is, at least to date, harmless.