On Sun, Aug 18, 2024 at 5:23 PM Andrew Bauer <zonexpertconsulting@xxxxxxxxxxx> wrote: > > Thanks everyone for the great responses. > > I'll certainly check out the Matrix room if I have to, but I was hoping I could do this in a way that allows me to directly reference any responses I get via link in the following new package request: > https://bugzilla.redhat.com/show_bug.cgi?id=2302646 > > The Netatalk project is moving from OpenSSL -> WolfSSL. Hence there is a need to add WolfSSL package to Fedora repos. > > It has already gone through the normal approval process, but the question was raised whether this needs an additional approval from the Fedora Security Team, since this is a crypto library. I raised this question due to this section in the packaging guidelines: https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/#_new_crypto_libraries > New crypto libraries must comply with the crypto policies to enter Fedora, unless an exception has been granted by Fedora packaging committee, after consulting with Fedora security team. The question whether wolfssl complies with system crypto policies hasn't been answered, as far as I can tell, so I don't appreciate that the package was already imported to Fedora regardless. Fabio -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
