Open
Description
Is your feature request related to a problem? Please describe.
Hi Photon OS team,
The FIPS 204 ML-DSA post-quantum signature algorithm seems to become the preferred one for future secure boot. The openssl 3.0 series' support will fade out next year and hybrid/composite pqc signature algorithms will be supported in 3.5++ only (openssl/openssl#26121).
| Version | Release Type | Release Date | Supported Until |
|---|---|---|---|
| 3.0 | LTS | Sep 2021 | Sep 2026 |
| 3.5 | LTS | Apr 2025 | Apr 2030 |
3.0 to 3.5 is a remarkable change. Early impact testing for openssl 3.5 in Photon OS could be helpful.
Describe the solution you'd like
Verified as described in STIG compliances, in dod-compliance-and-automation
Describe alternatives you've considered
No response
Additional context
fyi
https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8547.ipd.pdf