Re: libelf now depends on openssl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, 2021-01-15 at 14:22 -0500, Colin Walters wrote:
> 
> On Fri, Jan 15, 2021, at 9:47 AM, Simo Sorce wrote:
> > There is of course no problem to have it in Fedora, but if this is
> > something that is going to end up in RHEL one day, it would be better
> > to do the work now to make it use OpenSSL rather than scramble later.
> 
> Isn't it at least part of the purpose of Fedora ELN to detect situations like this earlier?  A dependency on boringssl in the Fedora "Everything" repositories is a distinct thing from it in ELN.  If there was a change that brought it into ELN, AFAIK the ELN builds wouldn't fail, presumably we'd want to treat it as an important bug and possibly drive reverting the change in "Everything" or so, right?
> 
> Similarly, we definitely would try really hard to avoid adding another crypto library to Fedora CoreOS.
> 
> So I think the use of the bare term "Fedora" here isn't right.

At the moment the only impediment to add a crypto library in Fedora,
that I know of, is legal issues (like patents). The barrier is higher
in RHEL.

ELN and Fedora Core OS are still Fedora, so I leave it to the
maintainers and FESCO to decide if they want to add any rules or
restrictions to Fedora.

I would rather not see unbounded proliferation of crypto library, given
quality issues in those components are not merely bugs, they are often
serious CVE with potentially dire consequences (loss of key material or
other confidential information), but I am not signing up to be in the
Fedora Crypto police, I have enough on my hands as RHEL Crypto Police
:-D

> _______________________________________________
> devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx

-- 
Simo Sorce
RHEL Crypto Team
Red Hat, Inc



_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux