Status: IN
FIPS compliance in OpenShift is a cross-cutting constraint spanning three dimensions: install-time (must install from a FIPS-enabled RHEL machine), runtime (CRI-O propagates FIPS awareness to containers, SSH keys restricted to RSA/ECDSA), and architecture (validated only on x86_64, ppc64le, s390x — not ARM)
depth-1 — four base FIPS beliefs group into a three-dimensional enforcement model showing FIPS is not a single toggle but a pervasive constraint
Depends on (SL): fips-requires-fips-enabled-rhel, ocp-fips-requires-rsa-or-ecdsa-not-ed25519, ocp-crio-provides-fips-awareness, fips-supported-x86-ppc64le-s390x