| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Dec 2020 15:10:14 +0100
From: Petr Tesarik <ptesarik@...e.cz>
To: Torsten Duwe <duwe@....de>
Cc: Marcelo Henrique Cerri <marcelo.cerri@...onical.com>,
"Jason A. Donenfeld" <Jason@...c4.com>,
"Theodore Y. Ts'o" <tytso@....edu>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Stephan Müller <smueller@...onox.de>,
Willy Tarreau <w@....eu>,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
Nicolai Stange <nstange@...e.de>,
LKML <linux-kernel@...r.kernel.org>,
Arnd Bergmann <arnd@...db.de>,
"Eric W. Biederman" <ebiederm@...ssion.com>,
"Alexander E. Patrakov" <patrakov@...il.com>,
"Ahmed S. Darwish" <darwish.07@...il.com>,
Matthew Garrett <mjg59@...f.ucam.org>,
Vito Caputo <vcaputo@...garu.com>,
Andreas Dilger <adilger.kernel@...ger.ca>,
Jan Kara <jack@...e.cz>, Ray Strode <rstrode@...hat.com>,
William Jon McCann <mccann@....edu>,
zhangjs <zachary@...shancloud.com>,
Andy Lutomirski <luto@...nel.org>,
Florian Weimer <fweimer@...hat.com>,
Lennart Poettering <mzxreary@...inter.de>,
Peter Matthias <matthias.peter@....bund.de>,
Neil Horman <nhorman@...hat.com>,
Randy Dunlap <rdunlap@...radead.org>,
Julia Lawall <julia.lawall@...ia.fr>,
Dan Carpenter <dan.carpenter@...cle.com>,
And y Lavr <andy.lavr@...il.com>,
Eric Biggers <ebiggers@...nel.org>,
Ard Biesheuvel <ardb@...nel.org>, simo@...hat.com
Subject: Re: drivers/char/random.c needs a (new) maintainer
On Wed, 23 Dec 2020 13:28:51 +0100
Torsten Duwe <duwe@....de> wrote:
>[...]
> > collaboration and disengage people. More than simply reviewing patches
> > I would expect a maintainer to give directions and drive the
> > community. Asking Jason to review Nicolai's patches was a step towards
> > that, but I believe we still could benefit from better communication.
>
> Even regarding this I'm not so sure it was a good idea. Jason seems to
> narrow the proposed changes down to "FIPS certification", when it
> actually is a lot more. I think his motivation suffers because of his
> personal dislike.
Upfront, let me admit that SUSE has a vested interest in a FIPS-certifiable Linux kernel.
However, it seems to me that nobody can be happy about keeping the current status quo forever. Even in the hypothetical case that the RNG maintainer rejected the whole idea merely because it makes it possible to achieve NIST compliance, and he detests standards compliance, it would still be better than no decision at all. The silence is paralyzing, as it blocks any changes in upstream, while also making it difficult to maintain an out-of-tree implementation that aims at becoming upstream eventually.
The only option ATM is a fork (similar to what the Xen folks did with XenLinux many years ago). IOW the current situation demotivates contributors from being good citizens. I hope we can find a better solution together.
Petr Tesarik
SUSE HW Enablement Team
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists