Comments

1 comment

  • Official comment
    Avatar
    Ian Butteriss

    Hi William, thank you for your query. There are several things that have to happen before we can get to that point.

    We would like to release a version of Cerberus that supports TLS 1.3. What is holding us back at this point is currently the OpenSSL 1.1.1 branch which is not FIPS 140-2 certified yet. 

    Once OpenSSL version 3.0 is released, we will then include support for TLS 1.3

    OpenSSL 3 has been submitted for 140-2 validation. Once this is approved, it will allow Cerberus to support TLS v1.3 with FIPS 140-2. There is no mention yet of 140-3 yet. Here is the submission announcement from OpenSSL.

     
    however, we expect once the above is done, the process will start to get validation of OpenSSH with FIPS-140-3.
     
    So, it's going to be a while before Cerberus is going to be able to support 140-3.
     
    Thank you!
    Ian Butteriss
    Cerberus Senior Application Support Engineer
    Comment actions Permalink

Please sign in to leave a comment.