French Declaration

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

French Declaration

Brian Jost
I see that it was discussed many years ago about getting a French Declaration for openssl. Was this ever successful? If so is there a place I can download the declaration as it seems to be required when submitting to the iOS appstore.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: French Declaration

Salz, Rich
> I see that it was discussed many years ago about getting a French Declaration for openssl. Was this ever successful? If so is there a place I can download the declaration as it seems to be required when submitting to the iOS appstore.

The OpenSSL project has never pursued or obtained any such document.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
pl
Reply | Threaded
Open this post in threaded view
|

Re: French Declaration

pl
On 01/12/2016 18:56, Salz, Rich wrote:
>> I see that it was discussed many years ago about getting a French Declaration for openssl. Was this ever successful? If so is there a place I can download the declaration as it seems to be required when submitting to the iOS appstore.
> The OpenSSL project has never pursued or obtained any such document.


I am not sure of what 'French Declaration means' at least Loic Dachary
did request for one 'autorisation de fourniture en vue de l'utilisation
générale et d'importation et exportation' for fsfe long time ago;
information in french can be found here
http://fsffrance.org/dcssi/dcssi.fr.html but .. is quite old.

This covers 'Décret n°2001-1192 du 13 décembre 2001 relatif au contrôle
à l'exportation, à l'importation et au transfert de biens et
technologies à double usage'. ( This very moment i prefer being a
developer than a lawer ).

This is for information only, i won't be of any further help on that topic.



--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

signature.asc (267 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: French Declaration

Peter Sylvester-3
Hi

There are news since about a year.

https://www.ssi.gouv.fr/administration/reglementation/controle-reglementaire-sur-la-cryptographie/
There is a downloadable editable PDF to prepare the declaration.

Anyway, you normally do not declare all functionality of the openssl library if you use it in a product.

It may be as simple as "to hash passwords we use the SHAnnn functions as implemented by openssl".

I used to make such declarations about 15 years ago.


Peter






--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: French Declaration

Brian Jost
Ok thanks, so there isn't a generic declaration that applications using openssl standard encryption like GCM can use? Each application will have to get self declared?

On Thu, Dec 1, 2016 at 12:12 PM, Peter Sylvester Edelweb <[hidden email]> wrote:
Hi

There are news since about a year.

https://www.ssi.gouv.fr/administration/reglementation/controle-reglementaire-sur-la-cryptographie/
There is a downloadable editable PDF to prepare the declaration.

Anyway, you normally do not declare all functionality of the openssl library if you use it in a product.

It may be as simple as "to hash passwords we use the SHAnnn functions as implemented by openssl".

I used to make such declarations about 15 years ago.


Peter








--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: French Declaration

Peter Sylvester-3
Two points:

- you use function xyz of openssl (is the implementation safe?)
- the purpose of using this in your application is "saving peanuts". what are peanuts?

/P



On 12/01/2016 08:29 PM, Brian Jost wrote:
Ok thanks, so there isn't a generic declaration that applications using openssl standard encryption like GCM can use? Each application will have to get self declared?

On Thu, Dec 1, 2016 at 12:12 PM, Peter Sylvester Edelweb <[hidden email]> wrote:
Hi

There are news since about a year.

https://www.ssi.gouv.fr/administration/reglementation/controle-reglementaire-sur-la-cryptographie/
There is a downloadable editable PDF to prepare the declaration.

Anyway, you normally do not declare all functionality of the openssl library if you use it in a product.

It may be as simple as "to hash passwords we use the SHAnnn functions as implemented by openssl".

I used to make such declarations about 15 years ago.


Peter









--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users