Hi, For lack of a better name I chose this subject. I have the feeling I need to ask some questions here, because I - as probably many others out there - would like to contribute in making a better openssl.
Just to recap a few things that happened: * Kurt Roeckx asked recently on this list if the patch applying process could be improved and quite obviously was offering to help. As far as I can see he got some kind of answer from Steve Marquess but none from the openssl devs themselves. To put it mildly, I find that (ignoring patches and people offering help) rude and not the behaviour I expect from an open source project. * I myself asked recently if we shouldn't just disable the heartbeat extension (and while at that probably a whole bunch of other rarely or never used features). I could live with a "this is a stupid idea and we won't do it"-answer (if you have arguments), but silence is not a good answer. * I think everyone is aware by now about openbsd creating libressl. While there are many probably quite controversial changes they made, I think a lot of it by looking at it are just fixes for obvious bugs. I haven't seen any effort by now to review and partly merge the patches openbsd did. Is there anything underway? Basically, what bothers me most is that right now it seems to me the openssl project is unresponsive. There are people out there who want to improve things. There are people who want to help. And most likely there are people asking themselves if they'd better invest their time in improving openssl or helping out libressl. So to the openssl devs: Please give some answers. cu, -- Hanno Böck http://hboeck.de/ mail/jabber: [email protected] GPG: BBB51E42
signature.asc
Description: PGP signature
