Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-216

Achieve FIPS 140-3 validation with Quay

    XMLWordPrintable

Details

    • 0
    • 0% 0%
    • 0

    Description

      Since all regulated customers in the US require FIPS 140-3 compliance (no waivers anymore) and we position Quay for security / governance focused customers we should become FIPS certified similar to what we're working on for OpenShift in parallel. Some background on FIPS here: https://mojo.redhat.com/groups/products-and-technologies/blog/2019/06/25/what-is-fips-and-why-should-i-care 

      Attachments

        Issue Links

          is incorporated by

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. PROJQUAY-1546 Quay and Clair become FIPS 140-3 compliant

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • New
          relates to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. PROJQUAY-1340 Quay runs fine on top of an FIPS-enabled OpenShift Cluster

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Bug - A problem that impairs or prevents the functions of the product. PROJQUAY-649 "openssl passwd" incorrect on OCP4 with FIPS mode enabled

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed

          Task - Represents a small unit of work that is not end-user facing. PROJQUAY-224 Switch to python-cryptography completely

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              bdettelb@redhat.com Bill Dettelback
              dirk.herrmann Dirk Herrmann (Inactive)
              Votes:
              40 Vote for this issue
              Watchers:
              29 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: