Enforcement of a system-wide crypto policy
An overview of the Fedora way
Nikos Mavrogiannopoulos is a senior software engineer in the Red Hat Security technologies team. He's the author of GnuTLS, and openconnect VPN server, and the current Fedora maintainer of them. He's studied mathematics and holds a PhD in cryptography.
Currently each and every shipped application in distributions enforces its own policy on the allowed cryptographic algorithms/protocols. While for some this is a desirable property, for most non-UI applications and libraries in an operating system it creates an uncertainty on the available security level. The purpose of this talk is to describe the approach we've taken in Fedora to counter the issue, by enforcing system-wide policies, discuss the current outcome, lessons learned, and invite OpenSuse maintainers to participate.
- 2016 June 23 - 16:00
- 30 min
- openSUSE Conference 2016
- Technology & Development