Hi Michael, > On 20. Nov 2024, at 15:52, Michael Catanzaro <mcatanz...@redhat.com> wrote: > > On Wed, Nov 20 2024 at 11:09:05 AM +01:00:00, Clemens Lang > <cll...@redhat.com> wrote: >> The idea here was to auto-enable pkcs11-provider when it is installed, which >> still makes sense to me. The issue here I think is that many people ended up >> with pkcs11-provider installed because of a recommendation. We should remove >> that recommendation, most users don´t need pcks11-provider installed. > > Are you sure? Surely users should not have to install pkcs11-provider or > anything special to make PKCS #11 work in applications that use OpenSSL.
That was the case with openssl-pkcs11 (the package that contains the OpenSSL PKCS#11 ENGINE) for years. The use of PKCS#11 tokens is not very common. I don’t think it’s too much to ask to install an additional package if you want to use it. -- Clemens Lang RHEL Crypto Team Red Hat -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
