[Info-vax] HP SSL V1.3 (and higher)
Neil Rieck
n.rieck at sympatico.ca
Tue Mar 13 21:06:07 EDT 2012
On Mar 12, 5:06 pm, Jose Baars <peutba... at googlemail.com> wrote:
> Nice and very helpful docs! I really appreciate the hard work and
> effort you must have put in to it.
>
> I looked at some HP SSL source trees as well a few years ago.
> I found that some aspects are far better in the HP code than in
> OpenSSL
> like the (re)seeding of the random number generator, but other things
> are worse than the OpenSSL version, like reading random data intended
> to seed the random number generator from anything else but a file.
>
> Reconciling both code bases and choosing, coding and testing the
> best
> solution in all cases would be serious work.
You are correct. I suspect that the people at HP do not want to see
their programmers moving value-add improvements back into the public
code base. But isn't that was Open Source is all about? After all,
both Compaq and HP have been using cool open source stuff (Apache,
Tomcat, OpenSSL, etc.) for years so shouldn't they feel obligated to
give a little back? Also, if they improve the code base now, then
wouldn't they need to do a lower volume of work the next time they
pull in the public code base to do an HP sanctioned and supported
release?
Just my two cents worth.
Neil Rieck
Kitchener / Waterloo / Cambridge,
Ontario, Canada.
http://www3.sympatico.ca/n.rieck/
More information about the Info-vax
mailing list