I'm interested in some feedback from the community, particularly those running OpenStack deployments, as to whether FIPS compliance [0][1] is something folks are looking for.
I've been seeing small changes starting to be proposed here and there for things like MD5 usage related to its incompatibility to FIPS mode. But looking across a wider stripe of our repos, it appears like it would be a wider effort to be able to get all OpenStack services compatible with FIPS mode. This should be a fairly easy thing to test, but before we put in much effort into updating code and figuring out testing, I'd like to see some input on whether something like this is needed. Thanks for any input on this. Sean [0] https://en.wikipedia.org/wiki/FIPS_140-2 [1] https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
