Clone the bug to virt to seek a fix.
Enabling EFI automatically enables Secure Boot(https://kubevirt.io/user-guide/virtual_machines/virtual_hardware/#biosuefi), it can cause confusions as it enables the secure boot implicitly.

From UI, we expect that the secure boot is only enabled when the secureBoot field under efi is set to true, if secureBoot is not defined as the common templates does, it should not represent secure boot enabled.

This is by design, as we picked the secure-by-default approach.
Either way, changing the default value now would silently disable a security feature on existing VMs.

> This is by design, as we picked the secure-by-default approach.
> Either way, changing the default value now would silently disable a security feature on existing VMs.

I agree i think that the current behavior is the right one.

In the original bug BZ2181920 (Verified state), it appears the UI was already fixed to properly understand "efi: {}" as secureboot enabled. So discussing the backend change at this point may not be necessary for the user to have a working system.

Closing this based on the last few comments.