Skip to content

DGS-22768 Update FIPS documentation for 140-3 compliance #2119

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

DGS-22768 Update FIPS documentation for 140-3 compliance #2119

wants to merge 2 commits into from

Conversation

@kcorman0
Copy link
Member

What

FIPS 140-3 (newest) requires a newer openssl version, updating documentation around this. Also went through SR dependencies and believe they're still compliant.

Probably need a +1 from clients team for non-SR aspect of this client as the change implies entire client is 140-3 compliant.

Checklist

  • [N] Contains customer facing changes? Including API/behavior changes
  • [Y] Did you add sufficient unit test and/or integration test coverage for this PR?
    • If not, please explain why it is not required

References

JIRA:

Test & Review

Open questions / Follow-ups
Copilot AI review requested due to automatic review settings October 31, 2025 20:23
@kcorman0 kcorman0 requested review from a team and MSeal as code owners October 31, 2025 20:23
@confluent-cla-assistant
Copy link

🎉 All Contributor License Agreements have been signed. Ready to merge.
Please push an empty commit if you would like to re-run the checks to verify CLA status for all contributors.
Copilot AI reviewed Oct 31, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates FIPS documentation to support FIPS 140-3 compliance by clarifying the differences between FIPS 140-2 and FIPS 140-3, updating OpenSSL version requirements, and providing clearer guidance for new deployments.

  • Updated OpenSSL version requirements to support both FIPS 140-2 (OpenSSL 3.0.x) and FIPS 140-3 (OpenSSL 3.1.2+)
  • Added recommendation for FIPS 140-3 for new deployments due to upcoming federal procurement requirements
  • Updated configuration examples and links to point to the newer OpenSSL version

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
@sonarqube-confluent
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants

@kcorman0