On 01/22/2010 07:53 AM, Ralf Corsepius wrote: > On 01/22/2010 01:22 PM, Tomas Mraz wrote: >> These are checksums required by FIPS-140-2 integrity verification checks >> of the fipscheck and ssh binaries. > > I.e. package data. > > => These packages are non-FHS compliant and qualify as broken. I don't believe so---it's not my line of business but I understand that - in some circumstances (government, regulated companies) encryption must be certified to the FIPS 140-2 standard - on Linux encryption (https, ssh) is handled by OpenSSL, which went through the FIPS certification process - one of the conditions of FIPS certification is a capability for run-time consistency checks, hence the fipscheck package - the fipscheck package checks against the checksums stored in the .XXX.hmac files, therefore those files are required if a system needs to be FIPS-compliant. Having said that, I don't understand how does this scheme prevent someone from subverting the executable and creating a matching .hmac file, so that the fipscheck fails to see the problem. I expect it's handled properly but I don't know how. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
