Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks.
Created edk2 tracking bugs for this issue:
Affects: epel-7 [bug 1971725]
Affects: fedora-all [bug 1971726]
IpSecDxe is not included in any firmware binary we ship, in any Fedora or RHEL release.
(IpSecDxe is not included in any ArmVirtPkg or OvmfPkg platform even upstream.)
(In fact, upstream edk2 removed the ipsec driver altogether, in commit d55d9d066436 ("NetworkPkg: Remove IpSec driver and application", 2019-04-29); for TianoCore#1697.)
As mentioned by Laszlo IpSecDxe was removed back in 2019 from edk2. Both Red Hat Enterprise 8 version is newer than the version where the commit was introduced and doesn't ship the affected component.