Re: Crypto consolidation in debian ?
On Wed, Apr 27, 2011 at 10:25:30AM +0200, Marco d'Itri wrote:
> On Apr 27, Bastian Blank <firstname.lastname@example.org> wrote:
> > On Tue, Apr 26, 2011 at 07:20:55PM +0200, Marco d'Itri wrote:
> > > The reason is that the kind of entities which require FIPS 140 probably
> > > also tend to require corporate vendor support, which we do not provide.
> > What is FIPS 140 and why is this important?
> It is a certification required by USG and many financial customers.
> > > If building a package with NSS instead of other libraries does not
> > > causes relevant negative side effects then I think we should do it to
> > > benefit from the improvements which NSS is receiving and to help the
> > > process.
> > No support for /etc/ssl?
> NSS uses a different method to store certificates, but I do not think
> that this is a serious problem.
Fedora supposedly is working on a pkcs#11 module to read from /etc/ssl.