Skip to content

Drop libgcrypt? #485

Open
Story
Open
Drop libgcrypt?#485
Story
Labels
business decisionNeeds input from BU and/or Product OwnercleanupRemoval of deprecated or unwanted packages
@yselkowitz

Description

@yselkowitz
yselkowitz
opened on Apr 20, 2026

RHEL includes openssl, nss, and gnutls/nettle crypto stacks. If at all possible, we should minimize or even remove libgcrypt, as it the least used and doesn't support FIPS.

The big one here is gnupg2, which is used throughout the stack for signature generation and verification; it will need to be replaced by sequoia packages in order for this to be possible.

  • freeipmi
  • gcr3 (Drop gcr3 #449 )
  • gnome-keyring (may be replaced by oo7)
  • gnupg2
  • libguestfs-fssupport (?)
  • libguestfs-winsupport (?)
  • openscap (nss is also supported)
  • scrub (bundled custom AES implementation is also supported)
  • usbguard (openssl is also supported)
  • wireshark

Runtime deps: https://tiny.distro.builders/view-rpm--view-eln--libgcrypt.html
Build deps: https://tiny.distro.builders/view-rpm--view-eln--libgcrypt-devel.html

(It looks like a few packages have stale build deps on libgcrypt-devel that aren't needed anymore.

Metadata

Metadata

Assignees

No one assigned

    Labels

    business decisionNeeds input from BU and/or Product OwnercleanupRemoval of deprecated or unwanted packages

    Type

    Story

    Projects

    ELN FY26

    Status

    Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions