Intention to tighten RPM crypto-policy back

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



6 months ago, there's been a F38 blocker:
Long story short:
RPM has moved to sequoia,
sequoia has started respecting crypto-policies,
Google repos have been signed with a 1024-bit DSA key,
Google Chrome was not installable => F38 blocker.
Back at the time, it's been hastily "resolved"
by relaxing RPM security through crypto-policies
just enough to tolerate that Google signature:

Since then it has been brought to my attention that
Google has now added a 4096 bit RSA key
(EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796)

Because of that, I'd like to revert that RPM policy relaxation
in (f39) rawhide and align RPM security with the rest of the policy.

Thoughts / feedback?
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct:
List Guidelines:
List Archives:
Do not reply to spam, report it:

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux