Do we even know for sure this krb5-k5tls is enough for fips compliance, and that it replaces *all* crypto code in kerberos with openssl calls?
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/1943530 Title: link libkrb5 with openssl Status in krb5 package in Ubuntu: New Bug description: In Ubuntu we provide a cryptographic core based on a small set of packages that we FIPS certify [0]. Applications and libraries should not bundle their own crypto code but should use the cryptographic core to benefit from the certification, but also importantly to reduce bugs due to small cryptographic libraries that that are not studied as much as more popular counterparts. This bug is to change libkrb5 to use the openssl crypto code instead of bundling its own on the next ubuntu release. [0]. https://ubuntu.com/security/fips To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1943530/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
