5.4p1 and FIPS 140-2
Bryan
brakeb at gmail.com
Tue Mar 16 07:55:49 EST 2010
On 3/15/2010 3:53 PM, Daniel Kahn Gillmor wrote:
> On 03/15/2010 04:41 PM, Roumen Petrov wrote:
>> Bryan wrote:
>>> build in 5.4p1 will a little find/replace version magic? Any chance that
>>> this will show up in the OpenBSD snaps, as I just found out you have PKI
>>> integration.
>>
>> No OpenSSH don't support PKI.
>
> Technically, version 5.4 *does* support a PKI, but it supports a novel,
> OpenSSH-specific PKI, not a PKI that would already be in use by any
> other systems (or specified in any existing standard).
>
> In particular, OpenSSH does not natively support the PKI known as X.509,
> though Roumen's patches [0] provide X.509 support.
>
> And OpenSSH also does not internally support the PKI known as OpenPGP,
> though the Monkeysphere project [1] can be used with any recent
> stock/unpatched SSH to provide OpenPGP support.
>
Alright, I'm not really caring about x509 right now, my original
question was about FIPS. Will it make new releases? Will the patches I
found on bugzilla build with 5.4p1?
More information about the openssh-unix-dev
mailing list