***  Due to the impact of COVID-19 on NIST operations as well as a redirection of some NIST personnel to work on the new FIPS 140-3 standard, FIPS validation has slowed down for all vendors. ***

Background

FIPS is a hard requirement in the Federal space. Regulated industries and suppliers to the government must often use FIPS cyphers. There is also interest from some financial customers.

FedRAMP requires FIPS.

Tracking

https://csrc.nist.gov/Projects/cryptographic-module-validation-program/Modules-In-Process/Modules-In-Process-List

Please note: the RHEL 8.1 and RHEL 8.2 module submissions are both in progress. Some modules appear twice, e.g., "Red Hat Enterprise Linux 8 OpenSSL Cryptographic Module". There is no way on the tracker to see if it is 8.1 or 8.2, though we would expect 8.1 to be further ahead. Not all of the 8.2 modules appear in the list yet.

As of Aug 28, the expectation is Q1CY2021 for 8.1 modules and hopefully 8.2 modules will follow soon after.

Impact on RHCOS versions

RHCOS 4.6 is based on RHEL 8.2 content, making the EUS a good choice once fully validated.

RHCOS 4.7 will be based on RHEL 8.3 content.