MD5 is used for 2 things in Suricata update:
- Its general practice for rule distributors to provide a URL with a
.md5extension that has the MD5 of the ruleset. This is used as quick check to see if the ruleset needs to be downloaded. - Internal file change tracking is done by hashing the file contents to md5 as its already used by the above, and its good enough/safe for this purpose.
The only other time the FIPS thing has come up, the person wasn’t too concerned and had a work-around so I didn’t look into any further, but perhaps its something we should look into.