I'm doing some testing regarding FIPS validation with an application that currently isn't. I am able to disable FIPS so the application can startup, and then I enable FIPS while using the application.
The thing is, some of the functionality that I would expect not to work is working - so I am wondering why is this? Are the classes that use FIPS not validated if they were already instantiated when FIPS was disabled?
At least for classes in System.Security.Cryptography, the check for FIPS policy enforcement happens at object instantiation time.