en-US/Security.xml

Thu Apr 2 19:00:08 UTC 2009

en-US/Security.xml |   69 +++++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 57 insertions(+), 12 deletions(-)

New commits:
commit 4620a6fe870eb6415ad7fa195ab3fe110b82e7db
Author: John J. McDonough <jjmcd at fedoraproject.org>
Date:   Thu Apr 2 14:59:45 2009 -0400

    Add Security content from the wiki

diff --git a/en-US/Security.xml b/en-US/Security.xml
index 83cd236..8b34cad 100644
--- a/en-US/Security.xml
+++ b/en-US/Security.xml
@@ -3,15 +3,60 @@
 ]>
 
 <section>
-        <title>Security</title>
-        <remark>This beat is located here: <ulink type="http" url="https://fedoraproject.org/wiki/Docs/Beats/Security">https://fedoraproject.org/wiki/Docs/Beats/Security</ulink></remark>
-        <para>
-		This section highlights various security items from Fedora. 
-	</para>
-		<section>
-			<title>SHA-2 support </title>
-			<para>
-				TBD: application-specific notes about SHA-2 will go here. See <ulink type="http" url="https://fedoraproject.org/wiki/Features/StrongerHashes#Release_Notes">Features/StrongerHashes#Release_Notes</ulink> and <ulink type="http" url="https://fedoraproject.org/wiki/Hash_algorithm_migration_status#Configuration">Hash_algorithm_migration_status#Configuration</ulink>. 
-			</para>
-		</section>
-    </section>
+  <title>Security</title>
+  <remark>This beat is located here: <ulink type="http" url="https://fedoraproject.org/wiki/Docs/Beats/Security">https://fedoraproject.org/wiki/Docs/Beats/Security</ulink></remark>
+  <para>
+    This section highlights various security items from Fedora. 
+  </para>
+
+  <section>
+    <title>Fingerprint Readers</title>
+    <para>
+      Fingerprint readers are now better integrated with Fedora
+      11. Gnome users can easily setup fingerprint authentication
+      using <package>gnome-about-me</package>, and will allow the
+      ability to login from both <package>gdm</package> and
+      <package>gnome-screensaver</package>.
+    </para>
+  </section>
+
+  <section>
+    <title>DNSSEC</title>
+    <para>
+      DNSSEC (DNS SECurity) is mechanism which provides integrity and
+      authenticity of DNS data.
+    </para>
+  </section>
+
+  <section>
+    <title>System Security Services Daemon</title>
+    <para>
+      The SSSD is intended to provide several key feature enhancements
+      to Fedora. The first being the addition of offline caching for
+      network credentials. Authentication through the SSSD will
+      potentially allow LDAP, NIS, and FreeIPA services to provide an
+      offline mode, to ease the use of centrally managing laptop
+      users.
+    </para>
+    <para>
+      The LDAP features will also add support for connection
+      pooling. All communication to the ldap server will happen over a
+      single persistent connection, reducing the overhead of opening a
+      new socket for each request. The SSSD will also add support for
+      multiple LDAP/NIS domains. It will be possible to connect to two
+      or more LDAP/NIS servers acting as separate user namespaces.
+    </para>
+  </section>
+
+  <section>
+    <title>SHA-2 support </title>
+    <para>
+      Fedora now uses the SHA-256 digest algorithm for data
+      verification and authentication in more places than before,
+      migrating from the weaker SHA-1 and MD5 algorithms. Where
+      possible, the migration was transparent; in other places the
+      default configuration was changed or manual configuration is
+      necessary to use the stronger algorithms.
+    </para>
+  </section>
+</section>



