From Fedora Project Wiki
No edit summary
No edit summary
Line 2: Line 2:


{|
{|
! Functionality !! Software involved !! Tracker bugs !! Planned for
! Functionality !! Software involved !! Tracker bugs !! Planned for !! Status
|-
|-
| SSL/TLS || gnutls || https://bugzilla.redhat.com/show_bug.cgi?id=1179209 || F21 (selected packages), F22
| SSL/TLS || gnutls || https://bugzilla.redhat.com/show_bug.cgi?id=1179209 || F21 (selected packages), F22 || Full policy support
|-
|-
|  || openssl || https://bugzilla.redhat.com/show_bug.cgi?id=1179209 || partial support (ciphersuites only) F21 (selected packages), F22
|  || openssl || https://bugzilla.redhat.com/show_bug.cgi?id=1179209 || F21 (selected packages), F22 || Partial policy support (ciphersuites only).
There is [[https://github.com/openssl/openssl/pull/192|Upstream bug for incorporation]]. More complete support planned after upstream includes the proposed changes.
|-
|-
|  || NSS || https://bugzilla.redhat.com/show_bug.cgi?id=1157720 || F22
|  || NSS || https://bugzilla.redhat.com/show_bug.cgi?id=1157720 || F?? || [[https://bugzilla.mozilla.org/show_bug.cgi?id=1009429|Blocked upstream]]
|-
|-
|  || Java || ||
|  || Java || || ||
|-
|-
|SSH || openssh || ||
|SSH || openssh || || ||
|-
|-
|Kerberos ||  ||  ||
|Kerberos ||  ||  || ||
|-
|-
|DNSSEC || BIND || https://bugzilla.redhat.com/show_bug.cgi?id=1179925 ||
|DNSSEC || BIND || https://bugzilla.redhat.com/show_bug.cgi?id=1179925 || F23 || Ongoing work
|}
|}

Revision as of 11:21, 21 May 2015

The following table helps track the status of System wide crypto policies deployment within Fedora. The current deployment is restricted on SSL/TLS libraries, but the greater idea is to extend them to all applications which involve crypto. If you believe some existing crypto subsystem can benefit of them, contact me or open an issue in [1] for it.

Functionality Software involved Tracker bugs Planned for Status
SSL/TLS gnutls https://bugzilla.redhat.com/show_bug.cgi?id=1179209 F21 (selected packages), F22 Full policy support
openssl https://bugzilla.redhat.com/show_bug.cgi?id=1179209 F21 (selected packages), F22 Partial policy support (ciphersuites only).

There is [bug for incorporation]. More complete support planned after upstream includes the proposed changes.

NSS https://bugzilla.redhat.com/show_bug.cgi?id=1157720 F?? [upstream]
Java
SSH openssh
Kerberos
DNSSEC BIND https://bugzilla.redhat.com/show_bug.cgi?id=1179925 F23 Ongoing work