> > Not looked at replacing low level RSA and EC APIs yet. > > We forced ourselves down that path because we had an internal > policy to only build OpenSSL toolkit with 'no-deprecated' Know I have to do it, but only really use low level stuff to build Json Web Keys, and the EC keys I build for signing seen incompatible with some servers, so really needs deeper investigation. Angus
