https://bugzilla.redhat.com/show_bug.cgi?id=1778530 Bug ID: 1778530 Summary: Review Request: libfido2 - FIDO2 libraries and utilities for support of U2F / WebAuthn Product: Fedora Version: rawhide Hardware: All OS: Linux Status: NEW Component: Package Review Severity: medium Assignee: nobody@xxxxxxxxxxxxxxxxx Reporter: gary.buhrmaster@xxxxxxxxx QA Contact: extras-qa@xxxxxxxxxxxxxxxxx CC: package-review@xxxxxxxxxxxxxxxxxxxxxxx Target Milestone: --- Classification: Fedora Spec URL: https://copr-be.cloud.fedoraproject.org/results/gtb/libfido2/fedora-31-x86_64/01121536-libfido2/libfido2.spec SRPM URL: https://copr-be.cloud.fedoraproject.org/results/gtb/libfido2/fedora-31-x86_64/01121536-libfido2/libfido2-1.3.0-1.fc31.src.rpm Description: libfido2 is an open source library to support the FIDO2 protocol. FIDO2 is an open authentication standard that consists of the W3C Web Authentication specification (WebAuthn API), and the Client to Authentication Protocol (CTAP). CTAP is an application layer protocol used for communication between a client (browser) or a platform (operating system) with an external authentication device (for example the Yubico Security Key). Fedora Account System Username: gtb Benefit to Fedora: In addition to the ability to manage and utilize U2F/FIDO2 authenticators, this package will allow OpenSSH to use a U2F authenticator for storage/protection of ssh keys. This package compliments the python3-fido package. This is my first Fedora package, and I need a sponsor. I am not an upstream maintainer of the libfido2 project, although I have submitted issues/patches that have been accepted. I am a packager in rpmfusion for the xmltv package. The package is available in Fedora Copr (as the provided spec/srpm references show) at: https://copr.fedorainfracloud.org/coprs/gtb/libfido2/ Note: the libfido2 package ships a "naked" .so library file libsk-libfido2.so (in addition to versioned libraries for other uses) for integration with OpenSSH (see https://marc.info/?l=openssh-unix-dev&m=157259802529972&w=2 for the how-to). This naked .so file appears to technically be in violation of one of the MUSTs in packaging if a -devel library is shipped. The alternative would seem to be to not ship a -devel library. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
