enforcing a consistent crypto policy

Eric H. Christensen sparks at fedoraproject.org
Thu Jan 16 16:09:27 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Thu, Jan 16, 2014 at 02:03:14PM +0100, Nikos Mavrogiannopoulos wrote:
>  I am working on a draft common crypto policy for Fedora. The idea is to
> be able to set a security level for all TLS/SSL connections in a system
> (which will of course allow the user to use any application-specific
> overrides).
> 
> The draft change is at:
> https://fedoraproject.org/wiki/Changes/CryptoPolicy
> 
> and is not submitted yet as I'd appreciate any comments, suggestions for
> improvement or any help in implementing it. The current policy is
> restricted to TLS and SSL libraries to have a manageable work effort but
> the idea is to convert gradually all crypto applications and libraries.

It would probably be a good idea to email the Security SIG (security at lists.fedoraproject.org) to get some expert eyes on the subject.

- -- Eric

- --------------------------------------------------
Eric "Sparks" Christensen
Fedora Project

sparks at fedoraproject.org - sparks at redhat.com
097C 82C3 52DF C64A 50C2  E3A3 8076 ABDE 024B B3D1
- --------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQGcBAEBCgAGBQJS2AQ0AAoJEB/kgVGp2CYv8hcL/14xI0SBBR+bs2TtLzfwz6WZ
a0VriGzAI+nNrQSoAK0MGlw52jUKGJRtccapS8mEgc12PFqsQ4RR+FP1ydhl/rMt
ctqQ+BIfrnls2wK+KDQNBsk5RZyhKz8Fq2sH2J9N4cWhjuoHefyMtjB7fYY5Z7dZ
WzLb0/+Bwok5puHEI6pPy5w9o0HUxgUVuZXHH3xlwpaBCLQfTbWU09mKkkm76kMl
aumLe9qjnfYi7Q1XAHZxs8UE9V5ElwMD6JbhIeAF26gvvEO59+vK22EQ8oCJB5Ap
KV6eQooDiYNjER7Xc/txb5WuIJo8AaoYg6CMxvFH4FJjtZBflzjPOlTH7YxrnJP0
gdXmVsvRSzdN0gtGo3YY7mKz90LzWpvkmexAhVuLqm1vYyqUWbefCxD8Js6H1yI9
np5awr5p4VyKr9rwUjRLT7bcx43PN9lUyoY9gpRx+Vk9xeavZ4l3zWdb1hzWZJMU
iQ/mnLLhhZWfXcwdLlSJIqbqft4p0NDuqhfTo9M9yQ==
=DDwV
-----END PGP SIGNATURE-----


More information about the devel mailing list