[Opendnssec-maintainers] supported sqlite3 version
John Dickinson
jad at sinodun.com
Fri Apr 12 14:08:33 UTC 2013
On 12 Apr 2013, at 13:42, Paul Wouters <pwouters at redhat.com> wrote:
> On 04/12/2013 07:08 AM, John Dickinson wrote:
>
>>> I would recommend waiting for RHEL and ubuntu LTS to be upgraded before demanding this switch. RHEL-7 will have sqlite 3.7.x.
>>
>> You would be happy even though RHEL-6 extended support goes until 2023?
>
> But you can tell people to use RHEL7 instead. Supported does not mean "dont use anything newer/better" :)
>
>> Another option is for us to have configure detect the sqlite version and only compile new features if it detects 3.7.x.
>>
>>> Related, opendnssec won't be able to get into RHEL-6 properly (as opposed to being in EPEL-6) as long as it uses a non-approved/non-certified crypto library (botan). The only allowed crypto libraries are nss, openssl and libgcrypt.
>>
>> Out of interest, what are the requirements needed to become approved and certified?
>
> A ship of money, and lots of time. And on a continued basis because every time there is a change in the crypto software, it has to get re-certified. And we are talking a lot more then just a few thousand dollars. So it is extremely unlikely to change in the next couple of years.
Do you mean fips-140 compliant or some kind of redhat compliant?
Thanks
John
More information about the Opendnssec-maintainers
mailing list