Hi gang - Thought you would be interested. Also, I have updated the URL on strong crypto: http://opensolaris.org/os/project/crypto/Documentation/sunwcry/
Valerie ---------- Forwarded message ---------- Date: Fri, 29 Feb 2008 18:38:12 -0800 (PST) From: Valerie Bubb Fenwick <valerie.fenw...@sun.com> To: on-all at sun.com, onnv-gate at onnv.sfbay.sun.com Subject: Heads Up: Data Encryption Kit (SUNWcry) Removal Executive summary: Do NOT install SUNWcry[r] (aka the Data Encryption Kit) onto any S10U4 or snv_85+ build. Details: The putback for: 6498066 PSARC/2006/610 Data Encryption Kit (SUNWcry) Removal has obsoleted the Data Encryption Kit [1]. The stronger crypto that was previously contained in those packages is now contained in the core operating system. The old module names, like aes256 and pkcs11_softtoken_extra.so.1, will no longer exist, as those bits have folded into the base module names, like aes and pkcs11_softtoken.so.1. This is not a removal of functionality, but a removal of a nuisance - SUNWcry and SUNWcryr. At this point in time, there is no need for the extra media for the Data Encryption Kit. Installing these packages from old media will cause a downgrade of your cryptographic system and may lead to panics in the future. For the record, Solaris 10 update 4 and forward also already contains strong crypto, so installing the Data Encryption Kit on those systems will also cause problems. Unless you are using Solaris 10 Update 3 or older, like Solaris 9, do not manually install those packages. You must use bfu corresponding to this integration in order for the correct things to happen on your system. You must followup bfu by running acr. This bfu will do the wrong thing if you try to use it with older archives. Please use a bfu corresponding to the archives you are installing. [1] This does not get rid of the need for the Release Engineering crypto dock. That dock will still be required for the delivery of the SUNWn2cpact.v package. If you have any questions, feel free to contact us at crypto-discuss at opensolaris.org Valerie -- Valerie Fenwick, http://blogs.sun.com/bubbva Solaris Security Technologies, Developer, Sun Microsystems, Inc. 17 Network Circle, Menlo Park, CA, 94025. 650-786-0461
