On 20.5.2016 11:48, Jan Kurik wrote: > = Proposed Self Contained Change: NSS enforces the system-wide crypto policy = > https://fedoraproject.org/wiki/Changes/NSSCryptoPolicies > > Change owner(s): > * Nikos Mavrogiannopoulos <nmav AT redhat DOT com> > > As it is now, the System-wide crypto policy in F24 is only enforced by > the OpenSSL and GnuTLS TLS libraries. To harmonize crypto in Fedora, > NSS is enhanced to respect the settings of the system-wide crypto > policy as well. > > == Detailed Description == > As it is now, the System-wide crypto policy in F24 is only enforced by > the OpenSSL and GnuTLS TLS libraries. To harmonize crypto in Fedora, > NSS is enhanced to respect the settings of the system-wide crypto > policy as well. > After that change the administrator should be assured that any > application that uses NSS will follow a policy that adheres to the > configured profile. > > > == Scope == > * Proposal owners: > The change requires modifying the NSS library to read a policy > generated by the crypto-policy package. > > * Other developers: > There are no required actions by other developers. The change requires > only targeted changes to NSS. > > * Release engineering: > No actions required. > > * Policies and guidelines: > - The packaging guidelines for crypto policies need to be modified to > include NSS in the list of libraries supporting the policies. > - The text "(note that adherence to the system-wide policies is work > in progress for NSS libraries)" must be removed > - The text "Currently the policies are restricted to applications > using GnuTLS and OpenSSL" must be changed to include NSS. > > * Trademark approval: > N/A (not needed for this Change) Hooray! -- Petr Spacek @ Red Hat -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
