Hi, Anything you can do will be appreciated. Regarding the FIPS concern, I hear you but it's never really that black and white. One way to look on it is as follows: 1) Allowing pacemaker to compile with OpenSSL and without GnuTLS (original post) 2) Making pacemaker a FIPS approved software Alt. 1 is Practical; Common (e.g., freetds RPM); Natural and Extends package "availability" (FIPS customers that are not allowed to use GnuTLS will have pacemaker in the gray area rather than black) Alt. 2 is Expensive; Takes time; but gains Certificated and Business motivated. The less secure claim is also gray. Major security fixes are nowadays released quickly (e.g., heartbleed). Anyway, how users handle bugs in FIPS env. is not an HA community concern. Best, Oren
_______________________________________________ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org