Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-104607

enable ED25519 in RHEL-9 NSS policy

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • crypto-policies-20250721-1.git162e4cb.el9
    • No
    • Low
    • 1
    • rhel-security-crypto
    • 21
    • 26
    • 0.2
    • False
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto25August
    • Hide

      AC1) ED25519 is allowerd in NSS generated policies (all except FIPS).

      Show
      AC1) ED25519 is allowerd in NSS generated policies (all except FIPS).
    • Pass
    • Enabled
    • Automated
    • Enhancement
    • Hide
      Feature, enhancement: ED25519 support in NSS policy
      Reason: NSS update
      Result: ED25519 algorithm is going to be enabled in NSS policy by default and controllable by crypto-policies
      Show
      Feature, enhancement: ED25519 support in NSS policy Reason: NSS update Result: ED25519 algorithm is going to be enabled in NSS policy by default and controllable by crypto-policies
    • Proposed
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      NSS RHEL-9 crypto-policy doesn't have ED25519, which is likely just an oversight. Wire it up to `sign = EDDSA-ED25519`.

              asosedki@redhat.com Alexander Sosedkin
              asosedki@redhat.com Alexander Sosedkin
              Alexander Sosedkin Alexander Sosedkin
              Ondrej Moris Ondrej Moris
              Mirek Jahoda Mirek Jahoda
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: