Two points:

- you use function xyz of openssl (is the implementation safe?)
- the purpose of using this in your application is "saving peanuts". what are 


On 12/01/2016 08:29 PM, Brian Jost wrote:
Ok thanks, so there isn't a generic declaration that applications using openssl 
standard encryption like GCM can use? Each application will have to get self 

On Thu, Dec 1, 2016 at 12:12 PM, Peter Sylvester Edelweb 
<<>> wrote:

There are news since about a year.
There is a downloadable editable PDF to prepare the declaration.

Anyway, you normally do not declare all functionality of the openssl library if 
you use it in a product.

It may be as simple as "to hash passwords we use the SHAnnn functions as 
implemented by openssl".

I used to make such declarations about 15 years ago.


openssl-users mailing list
To unsubscribe:

Reply via email to