Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On 01/25/2017 12:46 PM, Tomas Krizek wrote: > On 01/13/2017 05:44 PM, Petr Vobornik wrote: >> On 01/13/2017 03:49 PM, Rob Crittenden wrote: >>> Tomas Krizek wrote: On 01/12/2017 04:17 PM, Rob Crittenden wrote: > Tomas Krizek wrote: >> On 12/19/2016 04:41 PM, Standa Laznicka wrote:

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On 01/13/2017 05:44 PM, Petr Vobornik wrote: > On 01/13/2017 03:49 PM, Rob Crittenden wrote: >> Tomas Krizek wrote: >>> On 01/12/2017 04:17 PM, Rob Crittenden wrote: Tomas Krizek wrote: > On 12/19/2016 04:41 PM, Standa Laznicka wrote: >> On 12/19/2016 03:07 PM, John Dennis wrote: >>>

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On 01/13/2017 03:49 PM, Rob Crittenden wrote: > Tomas Krizek wrote: >> On 01/12/2017 04:17 PM, Rob Crittenden wrote: >>> Tomas Krizek wrote: On 12/19/2016 04:41 PM, Standa Laznicka wrote: > On 12/19/2016 03:07 PM, John Dennis wrote: >> On 12/19/2016 03:12 AM, Standa Laznicka wrote: >>>

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

Tomas Krizek wrote: > On 01/12/2017 04:17 PM, Rob Crittenden wrote: >> Tomas Krizek wrote: >>> On 12/19/2016 04:41 PM, Standa Laznicka wrote: On 12/19/2016 03:07 PM, John Dennis wrote: > On 12/19/2016 03:12 AM, Standa Laznicka wrote: >> On 12/16/2016 03:23 PM, Rob Crittenden wrote: >>>

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On 01/12/2017 04:17 PM, Rob Crittenden wrote: > Tomas Krizek wrote: >> On 12/19/2016 04:41 PM, Standa Laznicka wrote: >>> On 12/19/2016 03:07 PM, John Dennis wrote: On 12/19/2016 03:12 AM, Standa Laznicka wrote: > On 12/16/2016 03:23 PM, Rob Crittenden wrote: >> Standa Laznicka wrote:

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On to, 12 tammi 2017, Christian Heimes wrote: On 2016-12-19 15:07, John Dennis wrote: I'm not a big fan of NSS, it has it's issues. As the author of the Python binding I'm quite aware of all the nasty behaviors NSS has and needs to be worked around. I wouldn't be sad to see it go but OpenSSL has

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

Tomas Krizek wrote: > On 12/19/2016 04:41 PM, Standa Laznicka wrote: >> On 12/19/2016 03:07 PM, John Dennis wrote: >>> On 12/19/2016 03:12 AM, Standa Laznicka wrote: On 12/16/2016 03:23 PM, Rob Crittenden wrote: > Standa Laznicka wrote: >> Hello, >> >> I started a design page f

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On 12/19/2016 04:41 PM, Standa Laznicka wrote: > On 12/19/2016 03:07 PM, John Dennis wrote: >> On 12/19/2016 03:12 AM, Standa Laznicka wrote: >>> On 12/16/2016 03:23 PM, Rob Crittenden wrote: Standa Laznicka wrote: > Hello, > > I started a design page for FreeIPA on FIPS-enabled sy

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On 2016-12-19 15:07, John Dennis wrote: > I'm not a big fan of NSS, it has it's issues. As the author of the > Python binding I'm quite aware of all the nasty behaviors NSS has and > needs to be worked around. I wouldn't be sad to see it go but OpenSSL > has it's own issues too. If you remove NSS y

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On 12/19/2016 03:07 PM, John Dennis wrote: On 12/19/2016 03:12 AM, Standa Laznicka wrote: On 12/16/2016 03:23 PM, Rob Crittenden wrote: Standa Laznicka wrote: Hello, I started a design page for FreeIPA on FIPS-enabled systems: https://www.freeipa.org/page/V4/FreeIPA-on-FIPS Me and Tomáš are

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On 12/19/2016 03:12 AM, Standa Laznicka wrote: On 12/16/2016 03:23 PM, Rob Crittenden wrote: Standa Laznicka wrote: Hello, I started a design page for FreeIPA on FIPS-enabled systems: https://www.freeipa.org/page/V4/FreeIPA-on-FIPS Me and Tomáš are still investigating what of all things will

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

On 12/16/2016 03:23 PM, Rob Crittenden wrote: Standa Laznicka wrote: Hello, I started a design page for FreeIPA on FIPS-enabled systems: https://www.freeipa.org/page/V4/FreeIPA-on-FIPS Me and Tomáš are still investigating what of all things will need to change in order to have FreeIPA on FIPS-

Re: [Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

Standa Laznicka wrote: > Hello, > > I started a design page for FreeIPA on FIPS-enabled systems: > https://www.freeipa.org/page/V4/FreeIPA-on-FIPS > > Me and Tomáš are still investigating what of all things will need to > change in order to have FreeIPA on FIPS-enabled RHEL. So far I managed > to

[Freeipa-devel] [DESIGN] FreeIPA on FIPS + NSS question

Hello, I started a design page for FreeIPA on FIPS-enabled systems: https://www.freeipa.org/page/V4/FreeIPA-on-FIPS Me and Tomáš are still investigating what of all things will need to change in order to have FreeIPA on FIPS-enabled RHEL. So far I managed to install and run patched FreeIPA s