= Proposed Self Contained Change: Replace Coolkey with OpenSC = https://fedoraproject.org/wiki/Changes/Replace_Coolkey_with_OpenSC Change owner(s): * Jakub Jelen <jjelen AT redhat DOT com> There are more PKCS#11 libraries supporting the same smart cards in the system. For the next releases, we would like to promote OpenSC as a default PKCS#11 provided in place where Coolkey driver is used these days, which will extend a list of supported smart cards and make use of the most of the OpenSC. == Detailed Description == Currently, there are several PKCS#11 modules available in Fedora. Some of them provide the same functionality as the others. Currently, the majority of the work around smart cards is done in the OpenSC project supporting all the major cards we are interested to have in Fedora. On the other side, there is no significant development efforts in Coolkey project, which is currently used by default in some applications (NSS). The provided libraries are dynamically loaded PKCS#11 libraries, so existing applications should not depend directly on either package. The transition should be smooth as the change of the path in the configurations, if any. The only exceptions are NSS (Coolkey installs its module to the NSS database), ESC and pesign (explicit requires should be removed). $ dnf repoquery --whatrequires coolkey esc-0:1.1.0-30.fc25.x86_64 pesign-0:0.112-4.fc25.x86_64 We would like to: * Get rid of explicit requires (pesign, esc) * Switch the default PKCS#11 module in applications from Coolkey to OpenSC (NSS, ESC, pesign, ...?) * Retire the Coolkey package from Fedora (estimated in Fedora 27+) During last months we worked with NSS to implement and test missing features in OpenSC to follow CoolKey driver and specification behavior. == Scope == * Proposal owners: -- For Fedora 26, we want to switch all applications to OpenSC and leave Coolkey as a backup. We will unregister coolkey from NSS database and register OpenSC instead. -- For Fedora 27, we would like to retire coolkey package, if there will not show up any problem with the transition in previous phase. * Other developers: The other packages using PKCS#11 should make sure they work with OpenSC, if they were depending on coolkey directly for future releases (will be communicated with affected package owners). * Release engineering: N/A -- Jan Kuřík Platform & Fedora Program Manager Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
