Re: F41 Change Proposal: Disable openSSL Engine Support (system-wide)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



For an example of missing critical functionality, see this comment: https://github.com/systemd/systemd/pull/29539#issuecomment-1760243611

Aside from that, trying to use the pkcs11 and tpm2 providers just ended up with unintelligible errors being vomited on the console. No, I did not keep a copy of those tests, and no, I am not going to try again, as I most definitely do not have the time nor the interest to become an openssl or pkcs11 expert. This stuff needs to "just work" by default, without spending days tinkering, and engines do that just fine, because they have been developed for years. Providers are just too new, and those that exist need a few more years as optional features for enthusiasts and experts to adopt and fix all the bugs, add all the needed features, and make sure they work out of the box. We are not there yet, and jumping the gun is not going to help anybody.
--
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux