Should we settle on one SSL implementation?
Tomas Mraz
tmraz at redhat.com
Tue Oct 23 15:01:59 UTC 2007
On Tue, 2007-10-23 at 15:46 +0100, Daniel P. Berrange wrote:
> On Tue, Oct 23, 2007 at 04:42:14PM +0200, Tomas Mraz wrote:
> >
> > On Tue, 2007-10-23 at 15:38 +0100, Daniel P. Berrange wrote:
> > > On Tue, Oct 23, 2007 at 02:13:18PM +0000, seth vidal wrote:
> > > >
> > > > On Tue, 2007-10-23 at 09:11 -0500, Rex Dieter wrote:
> > > > > John Dennis wrote:
> > > > >
> > > > > > So why did Peter Vrabec open bugs against a slew of packages a few hours
> > > > > > ago all with the summary:
> > > > > >
> > > > > > "Port XXX to use NSS library for cryptography"
> > > > > >
> > > > > > I haven't seen a consensus this how package maintainers should be
> > > > > > spending their time.
> > > > >
> > > > > I'm assuming those bugs are mostly for tracking purposes.
> > > > >
> > > >
> > > > and a lot of them are wrong.
> > >
> > > Yep, this is just creating yet bug triage work for maintainers. When entering
> > > tickets one could at least check the app in question to see if it actually
> > > uses the crypto libraries we're being told to remove. Not useful.
> >
> > Not only crypto libraries but built-in code as well. I have checked that
> > the packages actually contain the code.
>
> Clearly not. Virt-manager does not make use of OpenSSL, NSS or GNU TLS, nor
> any other random crypto routines & yet a bug was still filed. Now Python
> and GTK do have this stuff and virt-manager uses Python & GTK, but it is
> not useful to file bugs against every app which uses Python or GTK when
> you could file one bug against Python or GTK themselves.
You're right, the libvirt bug got filled by mistake. It somehow slipped
in from larger list generated by grep which I looked through manually
then.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the fedora-devel-list
mailing list