F21 System Wide Change: System-wide crypto policy
Martin Langhoff
martin.langhoff at gmail.com
Thu Feb 27 17:54:20 UTC 2014
On Thu, Feb 27, 2014 at 11:22 AM, Jaroslav Reznik <jreznik at redhat.com> wrote:
> Unify the crypto policies used by different applications and libraries. That is
> allow setting a consistent security level for crypto on all applications in a
> Fedora system.
As others have noted, crypto tech compatibility is tricky. Clients and
servers that you want to interoperate with have interesting mixes of
supported crypto suites. And the quality of crypto suites is
very-nonlinear and multidimensional.
Every crypto suite choice is fraught with tricky tradeoffs in threat
vs interoperability, and this is different on each protocol.
Personally, I cannot picture a good way to consolidate this into a
single policy...
m
--
martin.langhoff at gmail.com
- ask interesting questions
- don't get distracted with shiny stuff - working code first
~ http://docs.moodle.org/en/User:Martin_Langhoff
More information about the devel
mailing list