On Út, 2013-12-03 at 22:28 +0100, Florian Weimer wrote:
> On 12/03/2013 07:58 PM, Tomas Mraz wrote:
>
> > I'd suggest to follow the "Medium term goals" from the page. That means
> > to choose the backend from one of the following libraries (in the order
> > of preference).
> > 1. NSS
> > 2. GNUTLS (with nettle as crypto backend, but nettle never used
> > directly by applications)
> > 3. OpenSSL
> > 4. libgcrypt
>
> I hope that both OpenJDK crypto providers are acceptable as well (one is
> a wrapper around NSS, the other one is a separate implementation, mostly
> in Java).
The wrapper around NSS clearly is acceptable. On the other hand the
separate implementation is not planned to be FIPS validated in Red Hat
Enterprise Linux which might be a problem.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
