Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: Generate New Ti...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Normal
Fix Version/s: rhel-10.1
Affects Version/s: rhel-10.1
Component/s: crypto-policies
Labels:
- Accepted
- CY25Q3
- Committed
- rn-yml

Fixed in Build:
crypto-policies-20250602-1.gita6d4d0c.el10
Regression:
No
Severity:
Low
Epic Link:
CRYPTO-16330
sprint_count:
1

AssignedTeam:
rhel-security-crypto
Sub-System Group:

ssg_security

Internal Target Milestone:
26
Story Points:
1.5
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes
Sprint:
Crypto25August

Acceptance Criteria:
Hide

AC1) FIPS policy:

prepend the following to group: P256-MLKEM768, P384-MLKEM1024 and MLKEM768-X25519

prepend the following to sign: MLDSA44, MLDSA65 and MLDSA87

prepend the following to key_exchange: KEM-ECDH

AC2) Applying FIPS policy does not cause warnings.
Show
AC1) FIPS policy: prepend the following to group: P256-MLKEM768, P384-MLKEM1024 and MLKEM768-X25519 prepend the following to sign: MLDSA44, MLDSA65 and MLDSA87 prepend the following to key_exchange: KEM-ECDH AC2) Applying FIPS policy does not cause warnings.
Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/148296
Gating Tests:

Enabled
Test Coverage:

Automated

Release Note Type:
Feature
Release Note Text:

Hide
RN text in ~~RHEL-113008~~.

Feature, enhancement: FIPS cryptographic policy now enables hybrid ML-KEM and pure ML-DSA post-quantum cryptographic algorithms
Reason: demand for post-quantum cryptographic algorithms
Result: hosts in FIPS might start negotiating hybrid ML-KEM and pure ML-DSA algorithms; apply NO-PQ subpolicy (e.g., with update-crypto-policies --set FIPS:NO-PQ) to disable them back

Show
RN text in RHEL-113008 . Feature, enhancement: FIPS cryptographic policy now enables hybrid ML-KEM and pure ML-DSA post-quantum cryptographic algorithms Reason: demand for post-quantum cryptographic algorithms Result: hosts in FIPS might start negotiating hybrid ML-KEM and pure ML-DSA algorithms; apply NO-PQ subpolicy (e.g., with update-crypto-policies --set FIPS:NO-PQ) to disable them back
Release Note Status:
Done
ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

PX Impact Score:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

We intend to support PQC algorithms in FIPS mode too, when and in which modules we will certify them is unclear, but that doesn't change the overall intention.

Please include hybrid ML-KEM algorithms (including x25519 hybrids for TLS since that's compliant, but not for SSH yet, since algorithm fetching would fail in FIPS mode) and pure ML-DSA in the FIPS policy.

links to

RHBA-2025:148296 crypto-policies bug fix and enhancement update

upstream MR link

Assignee:: Alexander Sosedkin

Reporter:: Alicja Kario

Developer:: Alexander Sosedkin

QA Contact:: Ondrej Moris

Doc Contact:: Mirek Jahoda

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2025/05/16 4:00 PM

Updated:: 2025/11/11 8:28 AM

Resolved:: 2025/11/11 8:28 AM

Target end:: 2025/08/25

Next Planned Release Date:: 2025/11/11

Release Date:: 2025/11/11

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates