FIPS Surface Reduction in Red Hat Enterprise Linux 8 (S32c)
During the development cycle of Red Hat Enterprise Linux 8, the RHEL Crypto team engineers have worked on multiple fronts to both increase the amount of software we can consider FIPS compliant as well as reducing the number of module that we validate. This presentation will explore how Red Hat worked with upstream Open Source communities as well as with internal maintainers of RHEL packages to achieve this challenging goal. We’ll show what changes have been necessary to the various components in RHEL and how they were implemented, the challenges and the issues that remain open.