Re: F41 Change Proposal: Make OpenSSL distrust SHA-1 signatures by default (system-wide)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Daniel,

> On 5. Jul 2024, at 15:33, Daniel P. Berrangé <berrange@xxxxxxxxxx> wrote:
> 
> It isn't listed there, but it certainly should be, as we've not
> been considering it FIPS compliant, for precisely this reason.

OK. I’ve asked our docs team to add it to the list. Thank you for bringing this to my attention.


> FYI, disabling FIPS was done by the upstream maintainer, it isn't a
> downstream change.

We can’t force upstream to care about FIPS, but as RHEL downstream we should. This may occasionally mean shipping downstream changes or submitting patches to make such things configurable.


-- 
Clemens Lang
RHEL Crypto Team
Red Hat



-- 
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux