Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: make an actual policy recommendation for fips #2246

Merged
merged 2 commits into from
Jun 13, 2024
Merged

docs: make an actual policy recommendation for fips #2246

merged 2 commits into from
Jun 13, 2024

Conversation

camshaft
Copy link
Contributor

@camshaft camshaft commented Jun 12, 2024
edited
Loading

Description of changes:

Our documentation should make an actual recommendation for a FIPS security policy, rather than rely on the customer reading the s2n-tls docs. Ideally it would be default_fips, but that doesn't support TLS 1.3 currently. When it does, we should update this documentation to refer to that instead.

Testing:

I added a test to show the recommended policy working.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@camshaft camshaft force-pushed the camshaft/fips-recommendation branch from 0b10d93 to 96ffa3d Compare June 12, 2024 21:42
@camshaft camshaft marked this pull request as ready for review June 12, 2024 22:09
@camshaft camshaft requested a review from toidiu June 12, 2024 22:10
toidiu
toidiu previously approved these changes Jun 12, 2024
View reviewed changes
toidiu
toidiu reviewed Jun 12, 2024
View reviewed changes
quic/s2n-quic/src/tests/fips.rs Outdated

#[test]
fn default_fips_test() {
// TODO switch this to `default_fips` when the policy support TLS 1.3
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: could you link this issue: #2247

@camshaft camshaft enabled auto-merge (squash) June 12, 2024 23:52
@camshaft camshaft requested a review from toidiu June 12, 2024 23:54
@camshaft camshaft merged commit c25b075 into main Jun 13, 2024
128 of 129 checks passed
@camshaft camshaft deleted the camshaft/fips-recommendation branch June 13, 2024 16:44
@camshaft camshaft mentioned this pull request Jun 13, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@toidiu toidiu toidiu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@camshaft @toidiu