On Tue, Apr 26, 2011 at 7:20 PM, Marco d'Itri <m...@linux.it> wrote: > On Apr 26, Bastien ROUCARIES <roucaries.bast...@gmail.com> wrote: > >> I have seen that fedora is trying to consolidate the number of crypto >> package shipped [1]. What do you think about this goal ? > While I believe it to be a worthwhile goal, I have serious doubts that > we should actively switch packages to NSS when this causes regressions.
Yes main drawback is lack of compression support (see [3]) but it could be improved > The reason is that the kind of entities which require FIPS 140 probably > also tend to require corporate vendor support, which we do not provide. Even if we do not support corporate, being FIPS 140 is worthwhile from a security point of view: vendors what care about will provide quick security fix. Moreover from a marketing point of view it will be also nice. > If building a package with NSS instead of other libraries does not > causes relevant negative side effects then I think we should do it to > benefit from the improvements which NSS is receiving and to help the > process. It will moreover reduce the license mess of openssl... And it is by itself a worthwhile goal. Bastien [3] http://fedoraproject.org/wiki/Nss_compat_ossl > -- > ciao, > Marco > -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/banlktimnylsfo-fmw6v3rnh4cvh6jge...@mail.gmail.com