Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-127954

Support PQC hybrid mode for GTK-VNC certificates

Linking RHIVOS CVEs to...Migration: Automation ...RHELPRIO AssignedTeam ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • gtk-vnc
    • None
    • None
    • rhel-virt-core-libvirt-2
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      Goal

      In order to support the transition to post-quantum crypto, it is required to be able to load multiple parallel sets of (cert,key) pairs, with varying cipher algorithms (RSA, ECC, MLDSA).

      This requires an extension to the way  gtk-vnc locates  and loads certificates & keys.

      Acceptance criteria

      A list of verification conditions, successful functional tests, or expected outcomes in order to declare this story/task successfully completed.

      • Configure a VNC client with RSA cert, check it can connect to VNC servers with any of  RSA-only, or RSA+MLDSA certs, and fails with MLDSA certs
      • Configure a VNC client with MLDSA cert, check it can connect to VNC servers with any of  MLDSA-only, or RSA+MLDSA certs, and fails with RSA certs
      • Configure a VNC client with RSA+MLDSA certs, check it can connect to VNC servers with any of  RSA-only, or MLDSA-only or RSA+MLDSA certs

      Primary VNC server for testing should be QEMU

              rhn-engineering-berrange Daniel Berrangé
              rhn-engineering-berrange Daniel Berrangé
              virt-maint virt-maint
              Ganesh Hubale Ganesh Hubale
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: