Lost change in rke2/docs during transfer concerning FIPS support

[siprbaum]

In rancher/rke2#3405 "Update fips_support.md" a change was made in regard to the FIPS support, in effect telling that the original FIPS certification is marked as historical and adding the following clarifying statement:

However due to changes introduced by SP 800-56A Rev3, this validation is now historical. A re-validation effort is currently underway to return this module to active FIPS 140-2 status.

This was not copied over in #7 "Sync with rke2/docs" to this repo.

It is not clear - at least when looking at rancher/rke2#3405 - if rke2 is now FIPS 140-2 compliant or not. According to https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3836 - its status is marked as historical.

Is there a re-validation effort ongoing? And if it is, is there some rough timeline available?

[cwayne18]

Thanks for catching this! For additional context, re-validation is indeed in progress, with a resolution expected (i.e. not promised) in a matter of months.

[gauravgulrajani]

Thanks for catching this! For additional context, re-validation is indeed in progress, with a resolution expected (i.e. not promised) in a matter of months.

Is there an update to this compliance exercise? Would be interested to know.