On 12/30/2009 05:01 PM, Kevin Kofler wrote:
> Tom "spot" Callaway wrote:
>> FWIW, I'm pretty sure this is not against current Fedora policies,
>> assuming that the libtommath maintainer signs off on it and there is no
>> conflict between the two packages.
>
> I guess it's indeed not against the le
On Wed, Dec 30, 2009 at 04:42:35PM -0500, Tom spot Callaway wrote:
>
> FWIW, I'm pretty sure this is not against current Fedora policies,
> assuming that the libtommath maintainer signs off on it and there is no
> conflict between the two packages.
Indeed, it is just a compat library (and I think
Tom "spot" Callaway wrote:
> FWIW, I'm pretty sure this is not against current Fedora policies,
> assuming that the libtommath maintainer signs off on it and there is no
> conflict between the two packages.
I guess it's indeed not against the letter of the policies, it's still
against their spiri
On 12/30/2009 03:58 PM, Kevin Kofler wrote:
> Daniel Drake wrote:
>> The upstream library is already in Fedora as a shared library.
>> I guess the approach I will take is to install our audited version as a
>> shared library under a different name (libtommath_olpc?) which the
>> components will the
Daniel Drake wrote:
> OLPC has previously had a specific version of tomcrypt/tommath
> profesionally audited for security reasons. So we obviously want to
> stick with that version.
This is a bad idea and inconsistent with what Fedora is about. If you want
that sort of things, you need to go back
Daniel Drake wrote:
> The upstream library is already in Fedora as a shared library.
> I guess the approach I will take is to install our audited version as a
> shared library under a different name (libtommath_olpc?) which the
> components will then dynamically link against.
While that at least c
Martin Langhoff wrote:
> Let's focus on the important bit: we need a frozen version of a
> library (that, btw, is useful, and is not in Fedora yet :-) ). What's
> the best practice for that? I don't see why we'd need to embed it
> statically anywhere (except OFW of course).
It's just not allowed.
ons 2009-12-30 klockan 13:37 + skrev Daniel Drake:
> I guess the approach I will take is to install our audited version as a
> shared library under a different name (libtommath_olpc?) which the
libtommath-audited
No sense making it look like it's only for OLPC use. If others want
audit-colou
On Wed, Dec 30, 2009 at 2:37 PM, Daniel Drake wrote:
> The upstream library is already in Fedora as a shared library.
Is it now? Great -- I had seen some failed attempts to get it into
Fedora long ago.
> I guess the approach I will take is to install our audited version as a
> shared library und
On Wed, 2009-12-30 at 12:25 +0100, Martin Langhoff wrote:
> Let's focus on the important bit: we need a frozen version of a
> library (that, btw, is useful, and is not in Fedora yet :-) ). What's
> the best practice for that? I don't see why we'd need to embed it
> statically anywhere (except OFW o
On Wed, Dec 30, 2009 at 8:05 AM, Ralf Corsepius wrote:
> Well, I disagree: If they want to use "their auditied version", they haven't
> understood how open source works. They qualify as jerks who prefer to use
> proprietary forks instead of "paying back" to "upstream" and the wider
> user-base.
U
On Wed, Dec 30, 2009 at 2:05 AM, Ralf Corsepius wrote:
> On 12/30/2009 07:29 AM, Jon Masters wrote:
>> One presumes that such auditing is expensive, lengthy, and not often to
>> be repeated. Committing to undertaking a full code audit on every update
>> would seem to be a little unreasonable of a
On 12/30/2009 07:29 AM, Jon Masters wrote:
On Tue, 2009-12-29 at 14:41 +0100, Ralf Corsepius wrote:
On 12/29/2009 11:52 AM, Daniel Drake wrote:
OLPC has previously had a specific version of tomcrypt/tommath
profesionally audited for security reasons. So we obviously want to
stick with that ve
On Tue, 2009-12-29 at 14:41 +0100, Ralf Corsepius wrote:
> On 12/29/2009 11:52 AM, Daniel Drake wrote:
> > OLPC has previously had a specific version of tomcrypt/tommath
> > profesionally audited for security reasons. So we obviously want to
> > stick with that version.
> >
> > A few packages we h
On Tue, 29 Dec 2009 10:52:54 +, Daniel wrote:
> Hi,
>
> OLPC's security system uses libtomcrypt / tomsfastmath, both at the
> Linux level and the firmware level.
>
> OLPC has previously had a specific version of tomcrypt/tommath
> profesionally audited for security reasons. So we obviously w
On 12/29/2009 11:52 AM, Daniel Drake wrote:
Hi,
OLPC's security system uses libtomcrypt / tomsfastmath, both at the
Linux level and the firmware level.
OLPC has previously had a specific version of tomcrypt/tommath
profesionally audited for security reasons. So we obviously want to
stick with t
Hi,
OLPC's security system uses libtomcrypt / tomsfastmath, both at the
Linux level and the firmware level.
OLPC has previously had a specific version of tomcrypt/tommath
profesionally audited for security reasons. So we obviously want to
stick with that version.
A few packages we have in Fedora
17 matches
Mail list logo
