In the upcoming Go version 1.24, there are several improvements related to FIPS 140-3 compliance golang/go#69536. This issue is to track the problems we are encountering when using Go 1.24 with the...
@jameshubbard QUIC itself cannot be FIPS validated. FIPS requires the cryptographic nonce to be inside the FIPS boundary, but the QUIC protocol defines the nonce itself. Which means no FIPS HTTP/3.
I have not used it yet, but I would like to eventually do some measurement experiments. Along with some ECH tests.
Last I checked I can't do either without building from feature branches, which was just inconvenient enough for something that wasn't a priority. On my todo list if that feedback helps?
James Hubbard
in reply to daniel:// stenberg:// • • •if QUIC were able to used with FIPS those that need FIPS support might want to have it available.
Go related discussion about FIPS and QUIC
github.com/quic-go/quic-go/iss…
FIPS Compliance Issues with Go 1.24
juliens (GitHub)daniel:// stenberg://
in reply to James Hubbard • • •rsalz
in reply to daniel:// stenberg:// • • •testssl.sh
in reply to daniel:// stenberg:// • • •Just the command line for testing the next incarnation of my server (IPs aren't final, thus masked here)
Much appreciated, thanks!
John Kristoff
in reply to daniel:// stenberg:// • • •I have not used it yet, but I would like to eventually do some measurement experiments. Along with some ECH tests.
Last I checked I can't do either without building from feature branches, which was just inconvenient enough for something that wasn't a priority. On my todo list if that feedback helps?
daniel:// stenberg://
in reply to John Kristoff • • •John Kristoff
in reply to daniel:// stenberg:// • • •𝙽𝙴𝚃𝚁𝙴𝚂𝙴𝙲
in reply to daniel:// stenberg:// • • •