Closed siprbaum closed 1 year ago
Thanks for catching this! For additional context, re-validation is indeed in progress, with a resolution expected (i.e. not promised) in a matter of months.
Thanks for catching this! For additional context, re-validation is indeed in progress, with a resolution expected (i.e. not promised) in a matter of months.
Is there an update to this compliance exercise? Would be interested to know.
In rancher/rke2#3405 "Update fips_support.md" a change was made in regard to the FIPS support, in effect telling that the original FIPS certification is marked as historical and adding the following clarifying statement:
This was not copied over in #7 "Sync with rke2/docs" to this repo.
It is not clear - at least when looking at rancher/rke2#3405 - if rke2 is now FIPS 140-2 compliant or not. According to https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3836 - its status is marked as historical.
Is there a re-validation effort ongoing? And if it is, is there some rough timeline available?