Many organizations require US Federal Information Processing Standard (FIPS) certification of the crypto code they are running. The certification process is lengthy, but the bigger problem is that the way the crypto subsystem is built into the kernel makes the result unable to be reused across kernel updates. I have proposed a patch series that decouples the crypto subsystem into a standalone loadable module, allowing a certified crypto module to be reused with multiple kernels and, thus, requiring fewer lengthy recertification delays.