Yep, did so right away. and yes, this is for the future state of IPA.
Michael Sean Conley
Intelligence, Information and Services
From: Martin Kosek <mko...@redhat.com>
To: Michael Sean Conley <michael.sean.con...@raytheon.com>, Rob
Date: 08/05/2016 06:33 AM
Subject: Re: [Freeipa-users] IPA and FIPS 140-2
Are you now asking about when upstream version is FIPS compliant or some
downstream distribution? If you are asking about RHEL, as indicated by
the bug is still in a NEW state. Given the state of RHEL-7.3 life cycle, it
too late to add it there.
However, as Rob mentioned, it would really great if you file a support case
we are talking about RHEL) and get it linked to that bug. Due to the
it is already high in the RHEL-7.4 considerations, but adding +1 won't hurt
you may also receive updates on development status.
On 08/04/2016 06:40 PM, Michael Sean Conley wrote:
> Is there any indication of a timeframe for it to become FIPS compliant?
> are talking weeks, rather than years...
> *Michael Sean Conley*
> Inactive hide details for Rob Crittenden ---08/04/2016 11:37:23
> Sean Conley wrote: > Does ANYONE have any experienRob Crittenden
> 11:37:23 AM---Michael Sean Conley wrote: > Does ANYONE have any
> getting IPA to work with FIPS?
> From: Rob Crittenden <rcrit...@redhat.com>
> To: Michael Sean Conley <michael.sean.con...@raytheon.com>,
> Date: 08/04/2016 11:37 AM
> Subject: Re: [Freeipa-users] IPA and FIPS 140-2
> Michael Sean Conley wrote:
>> Does ANYONE have any experience getting IPA to work with FIPS?
>> We're trying desperately to get this going, as we have some requirements
>> that the Identity Management Tool we choose must be FIPS 140-2
> No, it doesn't work in FIPS mode yet. If you open a support case with
> Red Hat your case can be added to
> While most, if not all, of the individual components can run in FIPS
> mode there are a lot of moving parts to coordinate to ensure they comply
> with the FIPS Security Policy and to handle some corner cases in the
> management framework.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project