[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Future Fedora Development

>Which SSL implementation do you plan to standardize on?

Its still too early to make that decision. On the one hand, OpenSSL has been
through a source code certification for 0.9.7. We are past that and into the
newer code (0.9.8) - which has to be re-certified. OSSI is interested in doing
another cert with more recent code and with a smaller subset of software. That
would be a step forward, I think. AFAICT, gnutls hasn't been through FIPS 140-2.
I think mozilla-nss has, though.

>Has any potential licensing conflicts with OpenSSL and GPL programs been

Not yet - but licenses are to be respected. We are still gaging how big the
elephant is. I think we have to start with the definition of crypto and trace all
packages that implement their own and patch them to use standard libraries if
equivalent. This will likely take some time.  If in the mean time some
consolidation was done by the fedora project, that would help make the elephant


Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]