On Sun, Aug 18, 2024 at 5:23 PM Andrew Bauer <zonexpertconsult...@outlook.com> wrote: > > Thanks everyone for the great responses. > > I'll certainly check out the Matrix room if I have to, but I was hoping I > could do this in a way that allows me to directly reference any responses I > get via link in the following new package request: > https://bugzilla.redhat.com/show_bug.cgi?id=2302646 > > The Netatalk project is moving from OpenSSL -> WolfSSL. Hence there is a need > to add WolfSSL package to Fedora repos. > > It has already gone through the normal approval process, but the question was > raised whether this needs an additional approval from the Fedora Security > Team, since this is a crypto library.
I raised this question due to this section in the packaging guidelines: https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/#_new_crypto_libraries > New crypto libraries must comply with the crypto policies to enter Fedora, > unless an exception has been granted by Fedora packaging committee, after > consulting with Fedora security team. The question whether wolfssl complies with system crypto policies hasn't been answered, as far as I can tell, so I don't appreciate that the package was already imported to Fedora regardless. Fabio -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
