Le 10 juin 2013 07:06, "Florian Weimer" <fw@deneb.enyo.de> a écrit :
>
> * Bastien ROUCARIES:
>
> > Maybe crypto consolidation arround libnss will greatly help here.
> > jessie release goal ?
>
> NSS has lots of global state, and its proper initialization from
> another library is difficult.
Could you give some pointer?
Switching over to it is probably
> doable, but it's not really straightforward.
On the other hand, the
> TLS implementation in NSS has been doing host name validation for a
> long time, which is still problematic with some of the other
> implementations.
>
> NSS has its own problems with SUID/SGID binaries, but these could be
> addressed by switching PR_GetEnv to secure_getenv.
Could you also give some pointer?
I will open a wiki page
>
>
> --
> To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 87vc5mtuzr.fsf_-_@mid.deneb.enyo.de">http://lists.debian.org/[🔎] 87vc5mtuzr.fsf_-_@mid.deneb.enyo.de
>