Mailinglist Archive: opensuse-factory (422 mails)
| < Previous | Next > |
Re: [opensuse-factory] crypto consolidation
- From: Wolfgang Rosenauer <wolfgang@xxxxxxxxxxxxx>
- Date: Mon, 05 Jan 2009 09:11:55 +0100
- Message-id: <4961C0CB.4060309@xxxxxxxxxxxxx>
Hi,
Marcus Meissner schrieb:
Is there any (public) document about it or just internal discussion?
I just found http://en.opensuse.org/Packaging/Security_Policies where it
is mentioned as preferred, too.
The license should be fine for most cases and the feature set looks like
it is a good choice.
Upstream adoption for OSS software is not that high compared to OpenSSL
though but it seems that Fedora is doing some work to make it available
as option in popular applications.
The reason I was asking is because I've picked up some work from hpj to
make it possible to share a user's global NSS database between most of
the applications using NSS' certstore including all Mozilla projects and
Evolution for now.
Using the OBS mozilla repository on 11.1 (and above) implements that
optional feature (evolution in 11.1 is also already enabled).
That feature is still a bit experimental since it's not exercised much
anywhere yet and there is a bit more to come as for example a system
wide database which can be controlled by root and is used in addition to
the user's database. I'm also planning to create a simple GUI
application to manage the user's (or system's) global certstore (w/o
using the one in Firefox).
Wolfgang
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
Marcus Meissner schrieb:
On Sun, Jan 04, 2009 at 11:33:48PM +0100, Wolfgang Rosenauer wrote:
Hi,
usage of different crypto libraries is quite cluttered over the openSUSE
distribution (actually every Linux distribution).
This is caused by different things and can't be avoided but I'm still
wondering about a few things:
- is there a policy which framework to use if the upstream project
offers more options?
- if there is no policy yet should there be one?
- would it make sense to join or introduce an own project like Fedora's
http://fedoraproject.org/wiki/FedoraCryptoConsolidation
We are working this way, but slowly.
Is there any (public) document about it or just internal discussion?
Mozilla NSS is the current favorite, if license permits.
I just found http://en.opensuse.org/Packaging/Security_Policies where it
is mentioned as preferred, too.
The license should be fine for most cases and the feature set looks like
it is a good choice.
Upstream adoption for OSS software is not that high compared to OpenSSL
though but it seems that Fedora is doing some work to make it available
as option in popular applications.
The reason I was asking is because I've picked up some work from hpj to
make it possible to share a user's global NSS database between most of
the applications using NSS' certstore including all Mozilla projects and
Evolution for now.
Using the OBS mozilla repository on 11.1 (and above) implements that
optional feature (evolution in 11.1 is also already enabled).
That feature is still a bit experimental since it's not exercised much
anywhere yet and there is a bit more to come as for example a system
wide database which can be controlled by root and is used in addition to
the user's database. I'm also planning to create a simple GUI
application to manage the user's (or system's) global certstore (w/o
using the one in Firefox).
Wolfgang
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |