Privacy Manifest and Signature

[jzilske]

As per the Upcoming third-party SDK requirements using OpenSSL in an App on the App Store will require a privacy manifest (cf. Privacy manifest files) starting next spring. Since the package comes with precompiled libraries a code signature may also be required. Is that something that you would consider providing?

[krzyzanowskim]

yes. technically. theoretically I’m not the author of OpenSSL

[jzilske]

Yes, that's what I thought as well. 🙂 Do you think this should rather be taken to the OpenSSL foundation then?

[FilDevTronic]

@krzyzanowskim would you be able to provide an update on this issue? Will you be adding the required privacy manifest by the April deadline in this project? 🙏🏻

[jzilske]

FWIW, a discussion about this has been started on the official OpenSSL repo: https://github.com/openssl/openssl/discussions/23262

[corentios]

Following this

[jzilske]

FWIW, a discussion about this has been started on the official OpenSSL repo: openssl/openssl#23262

...and it seems there's nothing coming: https://github.com/openssl/openssl/discussions/23262#discussioncomment-8516593

[BaroneX]

It looks like we need to fork this repository, add our own privacy manifest, and sign it ourselves.

[krzyzanowskim]

looks like you can also propose changes to the build script in a PR

[thapovand]

@krzyzanowskim Please Look into #195 for the Privacy Manifest

[krzyzanowskim]

Shipped with 3.1.5 https://github.com/krzyzanowskim/OpenSSL/releases/tag/3.1.5000

[jzilske]

Thank you very much @krzyzanowskim!