The impact in what sense? Note that openjdk will also conform to the system wide policy. regards, Nikos On Fri, 2016-05-20 at 15:24 +0000, Christopher wrote: > What is the impact on openjdk crypto providers? > > On Fri, May 20, 2016, 05:49 Jan Kurik <jkurik@xxxxxxxxxx> wrote: > > = Proposed Self Contained Change: NSS enforces the system-wide > > crypto policy = > > https://fedoraproject.org/wiki/Changes/NSSCryptoPolicies > > > > Change owner(s): > > * Nikos Mavrogiannopoulos <nmav AT redhat DOT com> > > > > As it is now, the System-wide crypto policy in F24 is only enforced > > by > > the OpenSSL and GnuTLS TLS libraries. To harmonize crypto in > > Fedora, > > NSS is enhanced to respect the settings of the system-wide crypto > > policy as well. > > > > == Detailed Description == > > As it is now, the System-wide crypto policy in F24 is only enforced > > by > > the OpenSSL and GnuTLS TLS libraries. To harmonize crypto in > > Fedora, > > NSS is enhanced to respect the settings of the system-wide crypto > > policy as well. > > After that change the administrator should be assured that any > > application that uses NSS will follow a policy that adheres to the > > configured profile. > > > > > > == Scope == > > * Proposal owners: > > The change requires modifying the NSS library to read a policy > > generated by the crypto-policy package. > > > > * Other developers: > > There are no required actions by other developers. The change > > requires > > only targeted changes to NSS. > > > > * Release engineering: > > No actions required. > > > > * Policies and guidelines: > > - The packaging guidelines for crypto policies need to be modified > > to > > include NSS in the list of libraries supporting the policies. > > - The text "(note that adherence to the system-wide policies is > > work > > in progress for NSS libraries)" must be removed > > - The text "Currently the policies are restricted to applications > > using GnuTLS and OpenSSL" must be changed to include NSS. > > > > * Trademark approval: > > N/A (not needed for this Change) > > -- > > Jan Kuřík > > Platform & Fedora Program Manager > > Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic > > -- > > devel mailing list > > devel@xxxxxxxxxxxxxxxxxxxxxxx > > http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraprojec > > t.org > > > -- > devel mailing list > devel@xxxxxxxxxxxxxxxxxxxxxxx > http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject. > org -- Nikos Mavrogiannopoulos, PhD, Crypto Tech. Lead, Security Technologies, Red Hat, Inc. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
