en-US/Security.xml
John J. McDonough
jjmcd at fedoraproject.org
Thu Apr 2 19:00:08 UTC 2009
en-US/Security.xml | 69 +++++++++++++++++++++++++++++++++++++++++++----------
1 file changed, 57 insertions(+), 12 deletions(-)
New commits:
commit 4620a6fe870eb6415ad7fa195ab3fe110b82e7db
Author: John J. McDonough <jjmcd at fedoraproject.org>
Date: Thu Apr 2 14:59:45 2009 -0400
Add Security content from the wiki
diff --git a/en-US/Security.xml b/en-US/Security.xml
index 83cd236..8b34cad 100644
--- a/en-US/Security.xml
+++ b/en-US/Security.xml
@@ -3,15 +3,60 @@
]>
<section>
- <title>Security</title>
- <remark>This beat is located here: <ulink type="http" url="https://fedoraproject.org/wiki/Docs/Beats/Security">https://fedoraproject.org/wiki/Docs/Beats/Security</ulink></remark>
- <para>
- This section highlights various security items from Fedora.
- </para>
- <section>
- <title>SHA-2 support </title>
- <para>
- TBD: application-specific notes about SHA-2 will go here. See <ulink type="http" url="https://fedoraproject.org/wiki/Features/StrongerHashes#Release_Notes">Features/StrongerHashes#Release_Notes</ulink> and <ulink type="http" url="https://fedoraproject.org/wiki/Hash_algorithm_migration_status#Configuration">Hash_algorithm_migration_status#Configuration</ulink>.
- </para>
- </section>
- </section>
+ <title>Security</title>
+ <remark>This beat is located here: <ulink type="http" url="https://fedoraproject.org/wiki/Docs/Beats/Security">https://fedoraproject.org/wiki/Docs/Beats/Security</ulink></remark>
+ <para>
+ This section highlights various security items from Fedora.
+ </para>
+
+ <section>
+ <title>Fingerprint Readers</title>
+ <para>
+ Fingerprint readers are now better integrated with Fedora
+ 11. Gnome users can easily setup fingerprint authentication
+ using <package>gnome-about-me</package>, and will allow the
+ ability to login from both <package>gdm</package> and
+ <package>gnome-screensaver</package>.
+ </para>
+ </section>
+
+ <section>
+ <title>DNSSEC</title>
+ <para>
+ DNSSEC (DNS SECurity) is mechanism which provides integrity and
+ authenticity of DNS data.
+ </para>
+ </section>
+
+ <section>
+ <title>System Security Services Daemon</title>
+ <para>
+ The SSSD is intended to provide several key feature enhancements
+ to Fedora. The first being the addition of offline caching for
+ network credentials. Authentication through the SSSD will
+ potentially allow LDAP, NIS, and FreeIPA services to provide an
+ offline mode, to ease the use of centrally managing laptop
+ users.
+ </para>
+ <para>
+ The LDAP features will also add support for connection
+ pooling. All communication to the ldap server will happen over a
+ single persistent connection, reducing the overhead of opening a
+ new socket for each request. The SSSD will also add support for
+ multiple LDAP/NIS domains. It will be possible to connect to two
+ or more LDAP/NIS servers acting as separate user namespaces.
+ </para>
+ </section>
+
+ <section>
+ <title>SHA-2 support </title>
+ <para>
+ Fedora now uses the SHA-256 digest algorithm for data
+ verification and authentication in more places than before,
+ migrating from the weaker SHA-1 and MD5 algorithms. Where
+ possible, the migration was transparent; in other places the
+ default configuration was changed or manual configuration is
+ necessary to use the stronger algorithms.
+ </para>
+ </section>
+</section>
More information about the Fedora-docs-commits
mailing list