FIPS-140 dracut-fips-aesni not in an .iso downloadable format

This is pretty weak of Red Hat.
- If you want to run in FIPS 140-2 mode in RHEL6 or RHEL7, you (optionally) install the dracut-fips-aesni rpm, which is only available via a subscription channel (not via an .iso). "AES New Instructions (AES-NI)"

There are a ton of non-Internet connected hosts in the world that are running FIPS 140-2 mode. They are built by .iso. They'll never hook to an Internet-based rpm channel. They'll only install the non-HW-optimized dracut-fips rpm.

The customers most likely to really use FIPS 140-2 mode will never install the dracut-fips-aesni rpm. So, aesni HW commands on tons of chips will never be used.

Maybe Red Hat should at least crank out a security .iso, if they want for some reason to keep their optional channel under the subscription lock. Solution 260203 is also weak.

Responses