From Fedora Project Wiki

Revision as of 04:35, 20 September 2016 by Jibecfed (talk | contribs) (internal link cleaning)

The following table helps track the status of System wide crypto policies deployment within Fedora. The current deployment is restricted on SSL/TLS libraries, but the greater idea is to extend them to all applications which involve crypto. If you believe some existing crypto subsystem can benefit of them, contact me or open an issue in [1] for it.

Functionality Software involved Tracker bugs Planned for Status
SSL/TLS gnutls https://bugzilla.redhat.com/show_bug.cgi?id=1179209 F21 Full policy support in F21.
openssl https://bugzilla.redhat.com/show_bug.cgi?id=1179209 F21 Partial policy support (ciphersuites only) using custom patch in F21.

There is Upstream bug for incorporation. More complete support planned possibly with a downstream-only approach as upstream does not welcome such changes.

NSS https://bugzilla.redhat.com/show_bug.cgi?id=1157720 F25 Accepted upstream, in progress integration in Fedora.
Java https://bugzilla.redhat.com/show_bug.cgi?id=1249083 F25 In progress
SSH openssh https://bugzilla.redhat.com/show_bug.cgi?id=1225752 In progress
Kerberos krb5 https://bugzilla.redhat.com/show_bug.cgi?id=1225792 F24 Completed
DNSSEC BIND https://bugzilla.redhat.com/show_bug.cgi?id=1179925 F23 Completed