[Question] SPDX SBOM in a “.sbom” PE section required?

[NiKiZe]

Is shim exempt from this requirement, or any insight on how this is dealt with?

18. All submissions must contain a valid signed SPDX SBOM in a custom “.sbom” PE section. 

From https://techcommunity.microsoft.com/blog/hardware-dev-center/updated-microsoft-uefi-signing-requirements/1062916

[NiKiZe]

I'll take a chance and ask if @SochiOgbuanya could provide any guidance on which level of requirement the sbom has?