> On Fri, Sep 6, 2013 at 6:02 PM, Tim Bray <tb...@textuality.com> wrote:
> > How about a BCP saying conforming implementations of a wide-variety of > > security-area RFCs MUST be open-source? > > > > *ducks* > > > And the user MUST compile them themselves from the sources? > Nobody runs open source, (unless its an interpreted language). They run the > compiled version and there is no infrastructure to check up on the > compilation. And don't forget: http://cm.bell-labs.com/who/ken/trust.html Ned
