Two points: - you use function xyz of openssl (is the implementation safe?) - the purpose of using this in your application is "saving peanuts". what are peanuts?
/P On 12/01/2016 08:29 PM, Brian Jost wrote: Ok thanks, so there isn't a generic declaration that applications using openssl standard encryption like GCM can use? Each application will have to get self declared? On Thu, Dec 1, 2016 at 12:12 PM, Peter Sylvester Edelweb <peter.sylves...@edelweb.fr<mailto:peter.sylves...@edelweb.fr>> wrote: Hi There are news since about a year. https://www.ssi.gouv.fr/administration/reglementation/controle-reglementaire-sur-la-cryptographie/ There is a downloadable editable PDF to prepare the declaration. Anyway, you normally do not declare all functionality of the openssl library if you use it in a product. It may be as simple as "to hash passwords we use the SHAnnn functions as implemented by openssl". I used to make such declarations about 15 years ago. Peter
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
