[openstack-dev] [Openstack-operators] FIPS Compliance

Julia Kreger juliaashleykreger at gmail.com
Tue Nov 6 14:03:05 UTC 2018


On Tue, Nov 6, 2018 at 5:07 AM Doug Hellmann <doug at doughellmann.com> wrote:

> Sean McGinnis <sean.mcginnis at gmx.com> writes:
>
> > I'm interested in some feedback from the community, particularly those
> running
> > OpenStack deployments, as to whether FIPS compliance [0][1] is something
> folks
> > are looking for.
> [trim]
>
> I know we've had some interest in it at different times. I think some of
> the changes will end up being backwards-incompatible, so we may need a
> "FIPS-mode" configuration flag for those, but in other places we could
> just switch hashing algorithms and be fine.
>
> I'm not sure if anyone has put together the details of what would be
> needed to update each project, but this feels like it could be a
> candidate for a goal for a future cycle once we have that information
> and can assess the level of effort.
>
> Doug
>
>
+1 to a FIPS-mode. I think it would be fair to ask projects, to over the
course of the next month or three, to evaluate their current standing and
report what they perceive the effort to be.

I think only then we can really determine if it is the right direction to
take for a cycle goal.

-Julia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20181106/e4447e07/attachment.html>


More information about the OpenStack-dev mailing list