On Аўт, 09 вер 2025, Gary Buhrmaster wrote:
On Tue, Sep 9, 2025 at 10:00 AM Dmitry Belyavskiy <dbely...@redhat.com> wrote:
OpenSSL upstream has started development of the version OpenSSL 4.0
It will imply soname bump, removing ENGINE support, etc.
I seem to recall someone stating that currently
Fedora itself uses the engine support for some
infrastructure purpose (I would guess something
about signing, but I don't really recall it being
stated).
FreeIPA bits and pieces depended on the engine support. It is still in
RHEL 9, though we should be getting better in RHEL 9.7.
Fedora infrastructure's FreeIPA instance runs on RHEL so it is not
affected directly by Fedora changes.
Does Fedora infrastructure have a plan
(probably un-resourced today) to migrate
to openssl providers, or should we expect
the openssl 3.x compatibility package
to live for another decade or so?
I think the only 'hard' dependency was on kernel signing side which
should have been addressed already.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
