>Which SSL implementation do you plan to standardize on? Its still too early to make that decision. On the one hand, OpenSSL has been through a source code certification for 0.9.7. We are past that and into the newer code (0.9.8) - which has to be re-certified. OSSI is interested in doing another cert with more recent code and with a smaller subset of software. That would be a step forward, I think. AFAICT, gnutls hasn't been through FIPS 140-2. I think mozilla-nss has, though. >Has any potential licensing conflicts with OpenSSL and GPL programs been >discussed? Not yet - but licenses are to be respected. We are still gaging how big the elephant is. I think we have to start with the definition of crypto and trace all packages that implement their own and patch them to use standard libraries if equivalent. This will likely take some time. If in the mean time some consolidation was done by the fedora project, that would help make the elephant smaller. -Steve __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
