V Thu, Jun 30, 2022 at 10:46:27PM +0100, Richard W.M. Jones napsal(a):
> Practically what would help is an easier way to reduce security for
> only specific sites + protocols. It's very easy right now to set the
> whole system to LEGACY, and much harder to set legacy for a specific
> site +
On Thu, Jun 30, 2022 at 03:23:34PM +, Alexander Sosedkin wrote:
> Quoting Kevin Kofler via devel (2022-06-30 14:15:04)
> > You are making two doubtful assumptions:
> >
> > 1. That the users will bother reporting their issues to the server
> > administrators at all. I would expect them to just
Quoting Kevin Kofler via devel (2022-06-30 14:15:04)
> You are making two doubtful assumptions:
>
> 1. That the users will bother reporting their issues to the server
> administrators at all. I would expect them to just blame Fedora for it and
> move to a different operating system that just
Thanks Clemens for commenting on the Ask Fedora post. Hopefully that'll
help the user and others.
I understand the idea behind deprecating things---otherwise they never
improve---but I also note that while individual users may be pushed to
update etc., the same does not apply to institutions.
Alexander Sosedkin wrote:
>> without having to jump through hoops.
>
> No, or nothing ever moves on, squarely because
>
>> Users want to be able to connect to their WPA* WiFi networks,
>> view their HTTPS websites, etc.
>> They do not care whether those use the latest,
>> most secure versions of
Quoting Kevin Kofler via devel (2022-06-30 13:16:55)
> Clemens Lang wrote:
> > I hope you’re not suggesting we keep the defaults insecure because there
> > are some institutions out there that don’t support modern standards.
>
> Sorry, but I am.
> The defaults need to work out there in the real
Clemens Lang wrote:
> I hope you’re not suggesting we keep the defaults insecure because there
> are some institutions out there that don’t support modern standards.
Sorry, but I am. The defaults need to work out there in the real world. If
legacy standards are still widespread, they need to be
Hi,
Kevin Kofler via devel wrote:
If the default crypto policies fail with the world's largest WiFi network,
then surely they are too strict to be useful in practice and need to be
relaxed.
It may be the world’s largest WiFi network, but authentication is delegated
to the various
to, 2022-06-30 kello 11:54 +0200, Kevin Kofler via devel kirjoitti:
> If the default crypto policies fail with the world's largest WiFi
> network,
> then surely they are too strict to be useful in practice and need to
> be
> relaxed.
>
I'm not a developer but I just wanted to chime in here and
Ankur Sinha wrote:
> Could someone with sufficient OpenSSL knowledge please take a look at
> this post?
>
> https://ask.fedoraproject.org/t/cannot-connect-to-eduroam-on-f36-due-to-openssl-error/23909
>
> I'd managed to debug another one related to Eduroam and come up with a
> workaround, but
Dear Ankur,
Your solution looks like not a workaround but a recommended solution.
You can find more information in Clemens Lang's blog post here:
https://www.redhat.com/en/blog/legacy-cryptography-fedora-36-and-red-hat-enterprise-linux-9
This blog post also contains links to two relevant bugs.
Hi folks,
Could someone with sufficient OpenSSL knowledge please take a look at
this post?
https://ask.fedoraproject.org/t/cannot-connect-to-eduroam-on-f36-due-to-openssl-error/23909
I'd managed to debug another one related to Eduroam and come up with a
workaround, but this is a new one that
12 matches
Mail list logo
