Hello, I can speak to this (my team at Red Hat helped push this work forward).
You might refer to this comment (and the rest of the thread) for some details: https://github.com/golang/go/issues/69536#issuecomment-2673963221. Essentially, the module is being tested right now, and the overall timeline for full certification is around 1-2 years. On Tuesday, March 4, 2025 at 2:01:12 PM UTC-8 Jason E. Aten wrote: > Hi Jussi, I think (I could be wrong though) that is Filippo's project > https://filippo.io/. I don't recall > him frequenting golang-nuts, so you might try to converse with him more > directly. > > On Tuesday, March 4, 2025 at 5:35:29 PM UTC Jussi Nummelin wrote: > >> Hey, >> >> I was pleasantly surprised to see that from 1.24 onwards, Golang itself >> will have/get FIPS support. >> >> It says on the description <https://go.dev/doc/security/fips140>: >> > Go Cryptographic Module version v1.0.0 is currently under test with a >> CMVP-accredited laboratory. >> >> Does anyone know any timeline expectations of when that testing would be >> done and when Golang 1.24+ would have the "official" FIPS stamp on it? And >> no, I'm not expecting anyone to really know a specific date but even a >> rough estimate like "in the summertime", "next year" would greatly help us >> decide whether we can wait for it or do we need to start working on some >> custom solution, which would be less than desirable naturally. :D >> >> Cheers, >> - Jussi - >> >> >> >> >> -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/golang-nuts/acd13885-ff48-4e72-a31f-be878c0a71a1n%40googlegroups.com.
