We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Custom Crypto Policies by Examples

Formal Metadata

Title
Custom Crypto Policies by Examples
Subtitle
Management of crypto algorithm restrictions
Title of Series
Number of Parts
490
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Management of allowed cryptographical algorithms to disallow algorithms not allowed due to weaknesses or restrictions by certification standards is complicated task. The talk will introduce system-wide crypto-policies concept and implementation as an attempt to help system administrators with this task. This talk replaces "OSINT" talk which was schedulled initially, but David Busby could not attend on the short notice. The system-wide crypto-policies were introduced in Fedora 21 in 2014. Since that time the tool evolved a lot especially with the recent introduction of run-time generation of configuration from a policy definition file and introduction of sub-policy concept. The feature is called Custom crypto policies. The crypto-policies nowadays help management of crypto algorithms not only in Fedora but also in Red Hat Enterprise Linux 8. It will be shown how the policy definition file looks like and how it is converted to the actual crypto library configuration.