[openssl-users] French Declaration
Peter Sylvester Edelweb
peter.sylvester at edelweb.fr
Thu Dec 1 19:44:02 UTC 2016
Two points:
- you use function xyz of openssl (is the implementation safe?)
- the purpose of using this in your application is "saving peanuts". what are peanuts?
/P
On 12/01/2016 08:29 PM, Brian Jost wrote:
Ok thanks, so there isn't a generic declaration that applications using openssl standard encryption like GCM can use? Each application will have to get self declared?
On Thu, Dec 1, 2016 at 12:12 PM, Peter Sylvester Edelweb <peter.sylvester at edelweb.fr<mailto:peter.sylvester at edelweb.fr>> wrote:
Hi
There are news since about a year.
https://www.ssi.gouv.fr/administration/reglementation/controle-reglementaire-sur-la-cryptographie/
There is a downloadable editable PDF to prepare the declaration.
Anyway, you normally do not declare all functionality of the openssl library if you use it in a product.
It may be as simple as "to hash passwords we use the SHAnnn functions as implemented by openssl".
I used to make such declarations about 15 years ago.
Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161201/2ad6410b/attachment.html>
More information about the openssl-users
mailing list