[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Should we settle on one SSL implementation?



On Tue, Oct 23, 2007 at 04:42:14PM +0200, Tomas Mraz wrote:
> 
> On Tue, 2007-10-23 at 15:38 +0100, Daniel P. Berrange wrote:
> > On Tue, Oct 23, 2007 at 02:13:18PM +0000, seth vidal wrote:
> > > 
> > > On Tue, 2007-10-23 at 09:11 -0500, Rex Dieter wrote:
> > > > John Dennis wrote:
> > > > 
> > > > > So why did Peter Vrabec open bugs against a slew of packages a few hours
> > > > > ago all with the summary:
> > > > > 
> > > > > "Port XXX to use NSS library for cryptography"
> > > > > 
> > > > > I haven't seen a consensus this how package maintainers should be
> > > > > spending their time.
> > > > 
> > > > I'm assuming those bugs are mostly for tracking purposes.
> > > > 
> > > 
> > > and a lot of them are wrong.
> > 
> > Yep, this is just creating yet bug triage work for maintainers. When entering
> > tickets one could at least check the app in question to see if it actually
> > uses the crypto libraries we're being told to remove. Not useful.
>
> Not only crypto libraries but built-in code as well. I have checked that
> the packages actually contain the code. 

Clearly not. Virt-manager does not make use of OpenSSL, NSS or GNU TLS, nor
any other random crypto routines & yet a bug was still filed. Now Python
and GTK do have this stuff and virt-manager uses Python & GTK, but it is
not useful to file bugs against every app which uses Python or GTK when
you could file one bug against Python or GTK themselves.

Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]