On Tue, Jan 6, 2015 at 10:20 AM, Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> wrote:
Hello,
I've created a transition tracker to system-wide crypto policy at:
https://bugzilla.redhat.com/show_bug.cgi?id=1179209
Currently it contains bugs filled against openssl and gnutls
applications in Fedora. If you use some application which utilizes
SSL/TLS and isn't included in the tracker feel free to request it use
the policy, and include a link to the bug report in the tracker.
The tracker also contains a dependency on NSS respecting the system
crypto policy: https://bugzilla.redhat.com/show_bug.cgi?id=1157720
regards,
Nikos
Are there any guidelines for enforcing crypto policies in Java applications.
Primarily, I was thinking about those Java applications that use JSSE system properties or similar user-driven configuration to specify keystores. Are those affected by this crypto policy at all?
Also, what about situations where SSL/TLS is off by default in the application, but is an available as an optional feature, if the user configures it? Since users are obliged to configure it, it seems there's not much for a packager to do in those situations, because that depends on the user's configuration, right?
Primarily, I was thinking about those Java applications that use JSSE system properties or similar user-driven configuration to specify keystores. Are those affected by this crypto policy at all?
Also, what about situations where SSL/TLS is off by default in the application, but is an available as an optional feature, if the user configures it? Since users are obliged to configure it, it seems there's not much for a packager to do in those situations, because that depends on the user's configuration, right?
Thanks,
Christopher
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct