* Jaroslav Reznik <jreznik@xxxxxxxxxx> [2014-02-27 11:25]: > = Proposed System Wide Change: System-wide crypto policy = > https://fedoraproject.org/wiki/Changes/CryptoPolicy > > An idea of how this will be implemented is to have each Fedora > application's configuration file or compilation option will set a > system default option. That is for example for applications that use > GnuTLS or OpenSSL a priority string or cipher named "SYSTEM". Then > the shipped library will make sure that once the "SYSTEM" option is > encountered the preconfigured system settings will be applied. > == Scope == > There are changes required in GnuTLS, OpenSSL and NSS libraries. On a second > phase non-SSL crypto libraries could use these settings. What about applications that do not use GnuTLS, OpenSSL and NSS? I believe both OpenJDK and Bouncy Castle fall under this category. Thanks, Omair -- PGP Key: 66484681 (http://pgp.mit.edu/) Fingerprint = F072 555B 0A17 3957 4E95 0056 F286 F14F 6648 4681 -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
