Quoting Daniel P. Berrange (berra...@redhat.com): > Copy+pasting code for encryption algorithms is really not nice. > It means that instead of distributors of your package being able > to rely on the fact 'gnutls' is (eg) FIPS certified, they now have > to explicitly certify the copy of the code in your package too :-(
Interesting point, thanks. (I had considered the more general problem of library updates, but I deemed the likelyhood of sha1.c needing updates to be low) Haven't dealt with FIPS in many years, but I *thought* that in the past you had to do a full certification anyway if you dynamically linked. Am I wrong about that? -serge ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
