LF Announces New Backers, Projects For Core Infrastructure
Phoronix: LF Announces New Backers, Projects For Core Infrastructure
The Linux Foundation has some new updates this morning concerning their Core Infrastructure Initiative that basically came as a result of the widely published OpenSSL heartbleed bug to provide the OpenSSL project with better funding for development and auditing...
Goddammit. No funding for LibreSSL? They're the guys who are actually doing the right thing! Namely, gutting the abonination that is the OpenSSL codebase. (Alright, LibreSSL would require portability shims to work on Linux, but those would be a drop in the bucket funding-wise.)
No funding for GNU projects yet? Ah well...
I'm surprised Google isn't supporting LibreSSL... You know, given that it follows their preferred method of "Break as much shit as needed to make it as good as possible"
"Adobe believes that open development and open source software are fundamental building blocks for software development," said Dave McAllister, director of open source at Adobe. “The Core Infrastructure Initiative allows us to extend our support through a neutral forum that can prioritize underfunded yet critical projects. We’re excited to be a part of this work.”
Adobe is surely "Open oriented" like their flashplayer and DRM in HTML5...
I would have prefered if the openbsd team behind libressl and the open crypto audit team (behind truecrypt's audit, and also asked by LF to handle the openssl audit) had reached an agreement for collaboration and funding.
That would gives us the "one true openSSL" library.
Instead of having 2 subtly different copies of the same base library.
See how Apple's 64bit implementation and AArch64 were combined, contrast the current situation with LibreOffice.org and OpenOffice.org both existing.
*Complete different* implementations of functionality is important for diversity (cf. GNU TLS, Mozilla's NSS, Botan, Crypto++, etc.)
*Nearly identical* clones of the same software is a waste of time and resources.