t tokens
as configured by p11-kit, and allowing applications to specify objects
by their PKCS#11 URI. Was that discussed? There was... bizarreness...
last time I raised it on the Mozilla dev-tech-crypto list.
--
David WoodhouseOpen Source Technology Centre
david.woodho.
On Mon, 2016-02-15 at 17:09 +0100, Ralf Corsepius wrote:
>
> Exactly. Because of this, I -fsigned-char should only be applied as a
> last resort/work-around to mere program/application packages and not to
> library packages, IMHO.
Or to programs which *use* libraries? :)
--
dwmw2
smime.p7s
e3f77
It's a bit pointless there, since the tarballs tend to get uploaded to
Fedora from the same workstation I sign them on, sometimes *before*
they're uploaded to the FTP site. But it's still good practice, as you
rightly point out.
--
David WoodhouseOp
't really see the point, if the signing key is
trusted.
https://fedorahosted.org/fpc/ticket/610
Might be nice to have rpmlint, when checking source URLs, also complain
if a %{SOURCEx}.sig or %{SOURCEx}.asc file exists on the download site,
and *isn't* also present as a source file in the sp
h it.
Assuming the signing key isn't *also* compromised, of course. But
there's a fairly large class of problems that *would* be caught. For
almost no effort.
--
David WoodhouseOpen Source Technology Centre
david.woodho...@intel.com
.org/fpc/ticket/610#comment:6
--
David WoodhouseOpen Source Technology Centre
david.woodho...@intel.com Intel Corporation
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedorap
On Tue, 2016-03-22 at 18:29 +0100, Till Maas wrote:
> I already meant to file this feature request after discussing this with
> Werner Koch, so here it is and hopefully it will really be implemented:
> https://bugs.gnupg.org/gnupg/issue2290
Excellent; thank you. And in the meantime it's possible j
On Fri, 2016-05-20 at 11:48 +0200, Jan Kurik wrote:
> = Proposed Self Contained Change: NSS enforces the system-wide crypto
> policy =
> https://fedoraproject.org/wiki/Changes/NSSCryptoPolicies
IYTM "enforces *some* of the system-wide crypto policy".
We also have a policy (in p11-kit config) for
On Mon, 2016-12-12 at 02:36 +0100, Igor Gnatenko wrote:
> It shows a little error icon in the Domain box, as if to indicate
> > that FEDORAPROJECT.ORG is an invalid domain (but unhelpfully without
> > any actual tooltip or error message). Is there a known problem here?
>
> yes, and even patch avai
On Mon, 2016-12-12 at 10:53 +0100, Vít Ondruch wrote:
> 2) I needed to update a certificate every 6 months, now I need to kinit
> every day. This is regression. How to make it work without kinit at all.
> I am using SSSD for company kerberos and I don't need to kinit at all,
> how to make this work
On Sun, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
> All package maintainers will want to make sure they have updated to
> the
> following package versions (some may be in testing as of this email):
>
> python-cccolutils-1.4-1
> fedpkg-1.26-2
> fedora-packager-0.6.0.0-1
>
On Wed, 2016-12-14 at 09:43 -0700, Kevin Fenzi wrote:
>
> I think we got this sorted out on IRC.
Indeed we did. It required newer versions of the packages that had been
listed, which presumably will be in stable updates some time soon.
> David: if you still see a problem, please let us know.
On Tue, 2017-01-31 at 10:24 +0100, Jan Kurik wrote:
> = System Wide Change: Kerberos KCM credential cache by default =
> https://fedoraproject.org/wiki/Changes/KerberosKCMCache
>
> Change owner(s):
> * Jakub Hrozek
>
>
> Default to a new Kerberos credential cache type called KCM which is
> bett
On Tue, 2017-01-31 at 13:37 +0100, Jakub Hrozek wrote:
>
> I'm not really well-versed with winbind, so honestly I'm not sure what
> limitation it has wrt Kerberos ccaches. Was this ever reported as a
> bug against winbind?
https://bugzilla.redhat.com/show_bug.cgi?id=985107 covers an older
variant
On Tue, 2017-01-31 at 13:13 +0100, Jan Kurik wrote:
> = Proposed Self Contained Change: Anaconda LVM RAID =
> https://fedoraproject.org/wiki/Changes/AnacondaLVMRAID
>
> Change owner(s):
> * Vratislav Podzimek (Anaconda/Blivet)
> * Heinz Mauelshagen (LVM)
>
> Use LVM RAID instead of LVM of top o
Please don't drop me from Cc when replying. I know the list has a
misguided setup, but mailers can be configured to ignore that. Thanks.
http://david.woodhou.se/reply-to-list.html
On Wed, 2017-02-01 at 12:13 -0700, Chris Murphy wrote:
> On Wed, Feb 1, 2017 at 4:55 AM, David Woodhous
On Thu, 2017-02-02 at 15:49 +0100, Jan Kurik wrote:
> = Proposed Self Contained Change: Replace Coolkey with OpenSC =
> https://fedoraproject.org/wiki/Changes/Replace_Coolkey_with_OpenSC
>
> Change owner(s):
> * Jakub Jelen
>
> There are more PKCS#11 libraries supporting the same smart cards in
On Mon, 2018-11-05 at 23:24 +, Zbigniew Jędrzejewski-Szmek wrote:
> Dear maintainers,
>
> I'm working again on implementing
> https://fedoraproject.org/wiki/Changes/Remove_glibc-langpacks-all_from_buildroot.
> The first step is to replace LC_ALL=en_US.UTF-8 with LC_ALL=C.UTF-8
> (and similarly
On Thu, 2023-01-12 at 14:08 -0800, Jilayne Lovejoy wrote:
> every two weeks was my understanding too, although I don't think
> Miro set up a recurring invite b/c we were also going to try to
> alternate the time of day to accommodate various time zones.
>
> Bi-weekly is ambiguous in English, I'
On Fri, 2018-01-05 at 09:23 +0100, Jan Kurik wrote:
>
>
> == Detailed Description ==
> Replace older, clunkier, less user-friendly python interfaces to
> Kerberos with python-gssapi. python-gssapi uses the GSSAPI interface,
> which is widely standardized, implemented by both MIT and Heimdal
> Ker
On Sat, 2018-02-10 at 18:07 +0100, Robert-André Mauchin wrote:
> Before requesting a new dist-git repository for a new package, you need to
> generate a pagure.io API token at https://pagure.io/settings/token/new, and
> save it
> into your local user configuration located at ~/.config/rpkg/fedpkg.
On Fri, 2021-02-12 at 14:19 -0600, Justin Forbes wrote:
> > Some things, like the AMD Radeon GPU drivers, firmware or related
> > code, appear to be completely non-functional on the 64k page size.
> > Insufficient upstream developers are testing such issues on this
> > architecture.
>
> Just as th
On Fri, 2022-04-29 at 17:49 -0400, Ben Cotton wrote:
> This document represents a proposed Change. As part of the Changes
> process, proposals are publicly announced in order to receive
> community feedback. This proposal will only be implemented if approved
> by the Fedora Engineering Steering Com
On Mon, 2022-05-02 at 19:33 +0200, Clemens Lang wrote:
> This is the reason why the proposal contains extensive methods to test
> whether things are going to break by modifying the crypto-policy or using
> bpftrace. Unfortunately there are hundreds of packages that depend on
> cryptographic librari
101 - 124 of 124 matches
Mail list logo
