[Nut-upsdev] porting nut to use nss for crypto (was: Re: /sbin/upsdrvctl unable to shutdown UPS due to (unmounted) shared library)

Arnaud Quette aquette.dev at gmail.com
Tue Sep 1 19:15:31 UTC 2009

Hi Michal,

2009/9/1 Arjen de Korte

> Citeren Michal Hlavinka
>  We would like to use nss for cryptography instead of OpenSSL. Reason for
>> this
>> is mostly for FIPS 140 validation.
>> See:
>> http://fedoraproject.org/wiki/FedoraCryptoConsolidation
>> http://fedoraproject.org/wiki/CryptoConsolidationEval
>> http://fedoraproject.org/wiki/CryptoConsolidationScorecard
>> also OpenSuSE prefers to use the nss for cryptography for the same reason
>> (
>> http://en.opensuse.org/SharedCertStore )
> The above makes lots of sense.

very interesting indeed!
even more knowing that I was considering a gnutls port (mostly for licensing
thanks a lot for these pointers ;-)

>  Would it be possible to use nss instead of openssl?
> Most likely, yes.
>  #ifdef blocks would be enough. I can prepare patches. What's your opinion?
> I would certainly welcome an effort to standardize here, so please provide
> patches if you have any available. Preferably for the SVN trunk version, but
> if you only have them for older versions, I could probably port them to the
> latest version.

seconded, your work here would be very much appreciated.

Linux / Unix Expert R&D - Eaton - http://www.eaton.com/mgeops
Network UPS Tools (NUT) Project Leader - http://www.networkupstools.org/
Debian Developer - http://www.debian.org
Free Software Developer - http://arnaud.quette.free.fr/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/nut-upsdev/attachments/20090901/9808f8b4/attachment.htm>

More information about the Nut-upsdev mailing list