The API does not prevent concurrent operators. The guidance from the CMVP is that an application (even if operated by a webserver on behalf of someone else) is an operator for purposes of determining compliance with that restriction.
Of course, the CMVP seems to want to reduce the functionality of systems that use validated crypto to zero, as well, so I dunno where the balance lies. Neither does Steve M, and he's pretty much openssl's most visible diplomat to the Priesthood of the CMVP. -Kyle H On Wed, Aug 19, 2009 at 9:27 AM, Pandit Panburana<ppanb...@yahoo.com> wrote: > Hello, > The security policy of states that the module does not allow concurrent > operators. How does API prevent concurrent operator? > Thank you, > -Pandit > ________________________________ > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
