Hello,
This is a generic question for the legal, whether it is fine to bring
the new OpenSSH 8.0 (due to be released in coming weeks) to Fedora,
since it is implementing the following algorithm, which can be possibly
considered problematic from legal point of view. From release notes
[1]:
OpenSSH 8.0 adds experimental support for quantum-computing resistant
key exchange method, based on a combination of Streamlined NTRU
Prime 4591^761 and X25519.
Can you let me know, whether it is fine to bring this in Fedora and
later in RHEL?
[1]
https://lists.mindrot.org/pipermail/openssh-unix-dev/2019-March/037672.html
Regards,
--
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.