Bug#558309: please incorporate nss patches from Fedora

To: Andreas Barth <aba@not.so.argh.org>, 558309@bugs.debian.org
Subject: Bug#558309: please incorporate nss patches from Fedora
From: Colin Watson <cjwatson@debian.org>
Date: Fri, 27 Nov 2009 19:33:04 +0000
Message-id: <[🔎] 20091127193304.GE6496@riva.ucam.org>
Reply-to: Colin Watson <cjwatson@debian.org>, 558309@bugs.debian.org
In-reply-to: <[🔎] 20091127191119.GN27216@mails.so.argh.org>
References: <[🔎] 20091127191119.GN27216@mails.so.argh.org>

On Fri, Nov 27, 2009 at 08:11:19PM +0100, Andreas Barth wrote:
> Fedora provides an patch at
> https://cvs.fedoraproject.org/viewvc/F-12/openssh/openssh-5.3p1-nss-keys.patch?revision=1.1&view=markup&sortby=rev
> that use keys from the common mozilla security framework (please see
> http://fedoraproject.org/wiki/FedoraCryptoConsolidation for the
> background). I have tested these patches with an pkcs11-smartcard
> which currently can't be used in openssh and they work for me (only
> difference for Debian is that the include headers are in different
> directories, and the obvious changes for debian/{rules,control,copyright}).
> 
> As these patches are provided by Fedora / RedHat there is also some
> security support (and I assume RedHat will try to push them upstream
> as well). Would be great if this patch could be accepted.

While I applaud the idea of centralising on a single security framework,
I don't feel confident to review this myself, and I would rather wait
until upstream accepts it.

-- 
Colin Watson                                       [cjwatson@debian.org]

Reply to:

References:
- Bug#558309: please incorporate nss patches from Fedora
  - From: Andreas Barth <aba@not.so.argh.org>

Prev by Date: Bug#558309: please incorporate nss patches from Fedora
Next by Date: Bug#496017: Workaround attempts
Previous by thread: Bug#558309: please incorporate nss patches from Fedora
Next by thread: Bug#496017: Workaround attempts
Index(es):
- Date
- Thread