Ok, good! BTW, I opened the IPA and FIPS bug to the public, so that everyone can track the progress:
https://bugzilla.redhat.com/show_bug.cgi?id=1125174 Martin On 08/08/2016 04:24 PM, Michael Sean Conley wrote: > Yep, did so right away. and yes, this is for the future state of IPA. > > > *Michael Sean Conley* > Hardware/Infrastructure > Intelligence, Information and Services > *Raytheon Company* > 972-643-9887 (office) > > [email protected] > > Inactive hide details for Martin Kosek ---08/05/2016 06:33:27 AM---Are you now > asking about when upstream version is FIPS complMartin Kosek ---08/05/2016 > 06:33:27 AM---Are you now asking about when upstream version is FIPS compliant > or some downstream distribution? If > > From: Martin Kosek <[email protected]> > To: Michael Sean Conley <[email protected]>, Rob Crittenden > <[email protected]> > Cc: [email protected] > Date: 08/05/2016 06:33 AM > Subject: Re: [Freeipa-users] IPA and FIPS 140-2 > > ------------------------------------------------------------------------------- > > > > Are you now asking about when upstream version is FIPS compliant or some > downstream distribution? If you are asking about RHEL, as indicated by > https://bugzilla.redhat.com/show_bug.cgi?id=1125174 > the bug is still in a NEW state. Given the state of RHEL-7.3 life cycle, it is > too late to add it there. > > However, as Rob mentioned, it would really great if you file a support case > (if > we are talking about RHEL) and get it linked to that bug. Due to the interest, > it is already high in the RHEL-7.4 considerations, but adding +1 won't hurt > and > you may also receive updates on development status. > > Martin > > On 08/04/2016 06:40 PM, Michael Sean Conley wrote: >> Is there any indication of a timeframe for it to become FIPS compliant? If >> we >> are talking weeks, rather than years... >> >> *Michael Sean Conley* >> >> >> Inactive hide details for Rob Crittenden ---08/04/2016 11:37:23 AM---Michael >> Sean Conley wrote: > Does ANYONE have any experienRob Crittenden >> ---08/04/2016 >> 11:37:23 AM---Michael Sean Conley wrote: > Does ANYONE have any experience >> getting IPA to work with FIPS? >> >> From: Rob Crittenden <[email protected]> >> To: Michael Sean Conley <[email protected]>, >> [email protected] >> Date: 08/04/2016 11:37 AM >> Subject: Re: [Freeipa-users] IPA and FIPS 140-2 >> >> ------------------------------------------------------------------------------- >> >> >> >> Michael Sean Conley wrote: >>> Does ANYONE have any experience getting IPA to work with FIPS? >>> >>> We're trying desperately to get this going, as we have some requirements >>> that the Identity Management Tool we choose must be FIPS 140-2 compliant. >> >> No, it doesn't work in FIPS mode yet. If you open a support case with >> Red Hat your case can be added to >> https://bugzilla.redhat.com/show_bug.cgi?id=1125174 >> >> While most, if not all, of the individual components can run in FIPS >> mode there are a lot of moving parts to coordinate to ensure they comply >> with the FIPS Security Policy and to handle some corner cases in the >> management framework. >> >> rob >> >> >> > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
