Hi David, David Woodhouse <dwmw2@xxxxxxxxxxxxx> writes: > On Fri, 2022-04-29 at 17:49 -0400, Ben Cotton wrote: >> This document represents a proposed Change. As part of the Changes >> process, proposals are publicly announced in order to receive >> community feedback. This proposal will only be implemented if approved >> by the Fedora Engineering Steering Committee. >> >> https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3Forewarning1 >> >> >> == Summary == >> >> Cryptographic policies will be tightened in Fedora 38-39, >> SHA-1 signatures will no longer be trusted by default. >> Fedora 37 specifically doesn't come with any change of defaults, >> and this Fedora Change is an advance warning filed for extra visibility. >> Test your setup with FUTURE today and file bugs so you won't get bit >> by Fedora 38-39. >> > > Changes like this have been very disruptive in the past because they > haven't been completely thought through. > > Can we please make 100% sure these policies are not going to break > things like VPN clients in the way that we have before. They are going to break things, but Ubuntu 22.04 deprecated SHA1 signatures already, so it's very likely that a good chunk of the fallout will be cleared by the time Fedora 38 and 39 ship. Cheers, Dan _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
