[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Crypto consolidation in debian ?

On Wed, Apr 27, 2011 at 10:25:30AM +0200, Marco d'Itri wrote:
> On Apr 27, Bastian Blank <waldi@debian.org> wrote:
> 
> > On Tue, Apr 26, 2011 at 07:20:55PM +0200, Marco d'Itri wrote:
> > > The reason is that the kind of entities which require FIPS 140 probably
> > > also tend to require corporate vendor support, which we do not provide.
> > What is FIPS 140 and why is this important?
> It is a certification required by USG and many financial customers.
> 
> > > If building a package with NSS instead of other libraries does not
> > > causes relevant negative side effects then I think we should do it to
> > > benefit from the improvements which NSS is receiving and to help the
> > > process.
> > No support for /etc/ssl?
> NSS uses a different method to store certificates, but I do not think
> that this is a serious problem.

Fedora supposedly is working on a pkcs#11 module to read from /etc/ssl.

Mike
Reply to: