Red Hat Bugzilla – Bug 347711
Port net-snmp to use NSS library for cryptography
Last modified: 2014-09-01 04:18:02 EDT
net-snmp should be ported to use NSS library for cryptography.
See the tracking bug for details and links on how it could be done.
What cryptography does SNMP require?
(In reply to comment #2)
> What cryptography does SNMP require?
See rfc 3414.
It looks like it just needs DES in CBC mode. Is that the only encryption it needs?
Does it do any other PKI operations like digital signing?
What about RFC 3826? Is that mode supported in Fedora/RHEL?
(In reply to comment #5)
> What about RFC 3826? Is that mode supported in Fedora/RHEL?
Yes, it is. It would be best if you looked into the sources by yourself (there is no list of supported RFCs). You can look into the sources by yourself, or look at what symbols it uses from openssl.
I think it's time to close this bug. I personally think that NSS has all the necessary features, we just miss the code. Patches are welcome upstream.