Tuesday, August 23, 2022

[389-users] Re: NOTICE - Rust will be mandatory starting in 389-ds-base-2.2

How are you going to handle the FIPS build issues surrounding Rust right now?

Are all crypto libraries going to build against the underlying OpenSSL (or something else certified)?

Thanks,

Trevor


On Tue, Aug 23, 2022 at 9:53 AM Mark Reynolds <mareynol@redhat.com> wrote:
Hello,

For many years now we have been offering Rust plugins, and for those
that build the server themselves it was possible to disable Rust if it
was not wanted.  This is no longer going to be an option starting in the
next release of 389-ds-base-2.2 (On Fedora 37).  We are upgrading the
default password storage schema to the Rust password storage scheme
PBKDF2_SHA256 for its improved security and performance over the C/NSS
version (PBKDF2-SHA256). We are also going to be incorporating Rust into
core parts of the server.  So leaving Rust optional is no longer going
to be an option.

Sorry for the inconvenience this will impose on people not wanting to
build with Rust, but this is the direction we are moving in with the 389
project.

Feel free to ask any questions or voice concerns over this change, and
we will do our best to address them.

Sincerely,

--
Directory Server Development Team
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue


--
Trevor Vaughan
Vice President, Onyx Point
(410) 541-6699 x788

-- This account not approved for unencrypted proprietary information --

No comments:

Post a Comment