[lxc-devel] [PATCH 1/1] lxc_create: prepend pretty header to config file
Serge Hallyn
serge.hallyn at ubuntu.com
Fri Jul 12 16:00:09 UTC 2013
Quoting Daniel P. Berrange (berrange at redhat.com):
> Copy+pasting code for encryption algorithms is really not nice.
> It means that instead of distributors of your package being able
> to rely on the fact 'gnutls' is (eg) FIPS certified, they now have
> to explicitly certify the copy of the code in your package too :-(
Interesting point, thanks. (I had considered the more general problem
of library updates, but I deemed the likelyhood of sha1.c needing
updates to be low)
Haven't dealt with FIPS in many years, but I *thought* that in the
past you had to do a full certification anyway if you dynamically
linked. Am I wrong about that?
-serge
More information about the lxc-devel
mailing list