[..snip a bunch of sane pondering at completely inexplicable behavior by
third parties..]
> The only thing I currently know is that with Apache 2.0 it seems that we
> again will have the same SSL/TLS problem as we had three years ago with
> Apache 1.3 (means: an unpolished 70% percent solution). And I also know
> that someone (not necessarily me) will again find this not satisfactory.
> What approach then is used to change this we all still don't know...
Ralf, take heart that you're not alone here. As much as I believe in
and work for OpenSource projects, this is the achilies heel of them
all. They completely forget they are still developing applications for
a USER BASE. When their internal politics flies in the face of what's
best for that user base, the project comes off looking like it was done
by a gaggle of immature, clue-challenged fruckwits who cannot grasp the
basics of how to run a successful project.
<mutters something about forgetting and repeating history...>
Apache has been (arguably) one of the best OS projects to date. It
pains me to see the obvious, and most successful current SSL
implementation not be chosen for the 2.0 revision. I definitely don't
recall seeing a user-community vote on the topic of SSL/TLS choice for
the 2.0 revision. I'm sure there are many folks who would have
appreciated the opportunity to have voiced their opinion. Heck, even
large companies like Computer Associates take polls of that nature.
After all, if the project doesn't do its best to increasingly serve the
user base that's grown along with it, what's the point? Surely the
point can't be politics - that's reserved for those extra-special folks
who speak far more and work far less.
just my $0.02 at the state of some recent, mind-bogglingly stupid moves
in the OpenSource community.
--dsp
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
