On Tue, 2026-06-23 at 14:03 +0200, Fabio Valentini wrote: > On Tue, Jun 23, 2026 at 12:35 PM Neal Gompa <[email protected]> wrote: > > > > On Tue, Jun 23, 2026 at 6:32 AM Daniel P. Berrangé <[email protected]> > > wrote: > > > > > > At what point do we say the process is broken, and we need to change > > > the guidelines to remove the special gate keeping rule for crypto ? > > > This feels overdue for a proposal to FESCO to change the guidelines > > > to something that is workable without such delays. > > > > > > As long as it is not causing regression in existing distro behaviour/ > > > features for crypto, let crypto best practice problems[1] be addressed > > > asynchronously after the package is imported. > > > > > > > You beat me to suggesting the same thing. :) > > > > I think we're at the point that almost every process that gates on a > > Red Hat team needs to be evaluated and potentially removed. Most of > > them are mired in similar problems. > > > > There hasn't been a "Fedora Crypto Team" in a very long time, probably > > not since the last attempt at unified crypto over a decade ago. The > > Security Team was also defunct, but is slowly being restarted with > > community leadership instead of Red Hat participants. > > > > This is a systemic problem. :( > > https://pagure.io/fesco/issue/3624 > > Fabio
If we still need an approval on this process, I think that's something the Security SIG would be happy to provide. Whether it stays an external approval or moves into the proper package review workflow though, we need a clearer list of requirements. Right now it feels like the crypto team we just supposed to check if it _feels_ off. "It must respect crypto-policies" is the main requirement now, trying to think if there are any others. -- Daniel Milnes -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
