> -----Original Message----- > From: Luke Hinds <lhi...@redhat.com> [...] >> for non security related functions, but when it comes to government >> compliance and running OpenStack on public clouds (and even private for the >> Telcos / NFV), not meeting FIPS will in some cases block production getting >> a green light, or at least make it a big challenge to push through.
Are there any know cases of this happening? If so, can those be publicly documented to quantify how much this issue is hurting deployments? On Fri, Nov 18, 2016 at 9:57 AM, Ian Cordasco <sigmaviru...@gmail.com> wrote: > Also, instead of creating bugs, I would suggest instead that we try to make > this into a community goal. We would work with the TC and for P or Q, make it > a goal to start migrating off of MD5 and have a goal for a cycle or two later > to completely remove reliance on MD5. > > Doing this piecemeal via bugs will not be efficient and we'll need community > buy-in. We would also need to get a reasonable scoping of the issue (which projects, how many instances, etc) to help decide if this is an achievable goal (in the sense of the 'community goals'). As you noted, this will not be easy for Swift or Glance (others?), but if the impact to deployers can be quantified it makes it easier to spend energy here. dt -- Dean Troyer dtro...@gmail.com __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev