Enforcing system crypto policies

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Here https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/ is a proposal to use a specific cipher list string for SSL_CTX_set_cipher_list(): "PROFILE=SYSTEM".
Especially this citation: "if that call is present and provided a fixed string which does not contain PSK or SRP, replace the string with "PROFILE=SYSTEM", or remove the call" 

We have to rely on PSK. What ist the reason behind the above advice?

Thanks, Frank

_______________________________________________
security mailing list -- security@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to security-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/security@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux