Re: Intention to tighten RPM crypto-policy back

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Tue, Sep 19, 2023 at 11:19 AM Alexander Sosedkin
<asosedkin@xxxxxxxxxx> wrote:
> Hello,
> 6 months ago, there's been a F38 blocker:
> Long story short:
> RPM has moved to sequoia,
> sequoia has started respecting crypto-policies,
> Google repos have been signed with a 1024-bit DSA key,
> Google Chrome was not installable => F38 blocker.
> Back at the time, it's been hastily "resolved"
> by relaxing RPM security through crypto-policies
> just enough to tolerate that Google signature:
> Since then it has been brought to my attention that
> Google has now added a 4096 bit RSA key
> (EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796)
> Because of that, I'd like to revert that RPM policy relaxation
> in (f39) rawhide and align RPM security with the rest of the policy.

Correction, f40 rawhide.

> Thoughts / feedback?
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct:
List Guidelines:
List Archives:
Do not reply to spam, report it:

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux