On Thu, 2014-02-27 at 17:59 +0000, Richard W.M. Jones wrote:
> How is an admin supposed to know what levels such as the above
are, and why
> they might choose a particular one?
Supplemental question:
Why wouldn't you always want to choose the most secure one?
I believe the proposal is trying to answer this question here:
"It may be that setting a high security level could prevent
applications that connected to servers below that level to connect"
but it's rather unclear, and could do with at least more explanation
and ideally some examples of things that wouldn't work.
In any case, I can't imagine I'd ever want a Fedora machine that
wasn't "most secure" (discounting external connections).
Most secure means spending more resources and not all servers would
agree with that. Today 64-bit to 80-bit security is the norm for typical
internet secure connections. As you note, this proposal is about setting
the bar for the default settings on a particular system.
regards,
Nikos