Security
FIPS And PQC Roadmap
FIPS-ready and post-quantum migration boundaries.
MeshKit's current crypto profile should be described narrowly. It is designed around WebCrypto-compatible primitives such as AES-GCM, P-256, HKDF, and SHA-256.
Do not describe the current implementation as FIPS-certified, HPKE, or post-quantum unless a release note explicitly says that changed.
Current Claim Boundary
| Claim | Status |
|---|---|
| Encrypts content before provider storage | Current behavior |
| Uses WebCrypto-compatible primitives | Current profile |
| FIPS-certified module | Not a current public guarantee |
| HPKE-compatible envelope | Not a current public guarantee |
| Post-quantum encryption | Roadmap only |
| Hybrid classical/PQC wrapping | Roadmap only |
Why This Matters
Security claims are product claims. If docs overstate cryptographic certification or roadmap behavior, users can make deployment decisions MeshKit does not actually support yet.
Future Migration Topics
Future FIPS/PQC work should document:
- algorithm identifiers in envelope metadata
- migration path for existing envelopes
- key rotation and rekey workflows
- compatibility with old clients
- provider metadata requirements
- test vectors and validation evidence
- release and deprecation timelines
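
The first and fourth topics above (algorithm identifiers in envelope metadata, compatibility with old clients) can be illustrated with the primitives named in the current profile. This is an added example, not MeshKit code and not MeshKit's envelope format; the suite identifier, the header fields (`v`, `alg`, `epk`, `salt`, `iv`) and the function names are assumptions made for the sketch, and it is neither HPKE nor a validated module.

```javascript
// Added example: hypothetical envelope layout, NOT MeshKit's actual format.
// Suite identifiers and field names (v, alg, epk, salt, iv) are assumptions.
const SUITES = new Map([
  ["p256-hkdf-sha256-aes256gcm", { curve: "P-256", hash: "SHA-256", keyBits: 256 }],
]);
const enc = new TextEncoder();

// WebCrypto handle: global in browsers and recent Node, node:crypto otherwise.
const getCrypto = async () => globalThis.crypto ?? (await import("node:crypto")).webcrypto;

// ECDH shared secret -> HKDF -> AES-GCM key; the header string is the HKDF info.
async function deriveKey(subtle, suite, priv, pub, salt, headerJson) {
  const bits = await subtle.deriveBits({ name: "ECDH", public: pub }, priv, 256);
  const ikm = await subtle.importKey("raw", bits, "HKDF", false, ["deriveKey"]);
  return subtle.deriveKey(
    { name: "HKDF", hash: suite.hash, salt, info: enc.encode(headerJson) },
    ikm, { name: "AES-GCM", length: suite.keyBits }, false, ["encrypt", "decrypt"]);
}

async function sealEnvelope(recipientPub, plaintext, alg = "p256-hkdf-sha256-aes256gcm") {
  const c = await getCrypto();
  const suite = SUITES.get(alg);
  if (!suite) throw new Error(`unsupported suite: ${alg}`);
  const eph = await c.subtle.generateKey({ name: "ECDH", namedCurve: suite.curve }, false, ["deriveBits"]);
  const salt = c.getRandomValues(new Uint8Array(16));
  const iv = c.getRandomValues(new Uint8Array(12));
  const header = JSON.stringify({
    v: 1, alg, epk: await c.subtle.exportKey("jwk", eph.publicKey), salt: [...salt], iv: [...iv] });
  const key = await deriveKey(c.subtle, suite, eph.privateKey, recipientPub, salt, header);
  // The exact header bytes are authenticated as AES-GCM additional data.
  const ct = await c.subtle.encrypt(
    { name: "AES-GCM", iv, additionalData: enc.encode(header) }, key, enc.encode(plaintext));
  return { header, ct: [...new Uint8Array(ct)] };
}

async function openEnvelope(recipientPriv, envelope) {
  const c = await getCrypto();
  const h = JSON.parse(envelope.header);
  const suite = SUITES.get(h.alg);
  // Fail closed: an old client must reject identifiers it does not implement.
  if (h.v !== 1 || !suite) throw new Error(`unsupported envelope: v=${h.v} alg=${h.alg}`);
  const epk = await c.subtle.importKey("jwk", h.epk, { name: "ECDH", namedCurve: suite.curve }, false, []);
  const key = await deriveKey(c.subtle, suite, recipientPriv, epk, new Uint8Array(h.salt), envelope.header);
  const pt = await c.subtle.decrypt(
    { name: "AES-GCM", iv: new Uint8Array(h.iv), additionalData: enc.encode(envelope.header) },
    key, new Uint8Array(envelope.ct));
  return new TextDecoder().decode(pt);
}
```

Because the identifier travels inside authenticated metadata, a later suite can be added as a new `SUITES` entry while existing envelopes stay readable, and a rewritten identifier fails decryption instead of silently selecting a different algorithm.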
What To Tell Users Today
Use wording like:
MeshKit encrypts content before provider storage using the current WebCrypto-compatible profile. It is not currently documented as FIPS-certified or post-quantum.
Avoid wording like:
MeshKit is FIPS-ready and post-quantum secure.