On Tue, 2010-02-02 at 21:54 +0100, Till Maas wrote:
> On Tue, Feb 02, 2010 at 09:30:44PM +0100, Tomas Mraz wrote:
> > On Tue, 2010-02-02 at 20:13 +0100, Till Maas wrote:
> > > On Tue, Feb 02, 2010 at 10:28:11AM +0100, Tomas Mraz wrote:
> > >
> > > > I am sorry, but I do not see a real need for special guideline for the
> > > > fipscheck checksums. The policy where these checksums should/will be
> > > > placed should be decided by the fipscheck package itself. Of course I
> > >
> > > As soon as multiple packages are affected, there should be a guideline
> > > to document how something needs to be done to work, e.g. if someone
> > > wants to package a new software that contains fips checksums.
> >
> > Huh, shouldn't reading documentation in fipscheck package be
> > sufficient?
>
> Afaik, it would be the first packaging documentation that's in a package
> instead of the wiki. It would probably not be indexed by search engines
> and not as easy reachable by people building packages for Fedora, who do
> not run Fedora themselves. But maybe these reasons are not that applicable
> for fipscheck, because there is only a limited set of packages that make
> use of it.
Isn't it logical to have it documented in the fipscheck? If you want to
use fipscheck you have to know where it looks for the checksums. And
yes, I do not think there will be more packages with the .hmac checksums
than they are currently in the near future. Of course "never say never"
but anyway they will not be widespread because of the costs associated
with FIPS module certification which means that it is highly improbable
that the number of such modules with support for the certification will
raise substantially.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
