Debian considers switching curl to use libssh instead of libssh2
Will Cosgrove
will at panic.com
Tue Jan 4 18:05:05 CET 2022
We do zero some sensitive data, but could be reviewed for completeness.
Cheers,
Will
> On Jan 2, 2022, at 1:33 PM, Daniel Stenberg via libssh2-devel <libssh2-devel at lists.haxx.se> wrote:
>
> On Sun, 2 Jan 2022, Andreas Schneider wrote:
>
>> FIPS 140-2: 4.7.6 Key Zeroization
>
> The cryptographic module must do this, yes (apparently also according to 140-3 which is the current FIPS version). It just confuses me, since libssh2 isn't a crypto module. Clearly there are details here I'm not educated in. I'll just leave it.
More information about the libssh2-devel
mailing list