|
Message-ID: <20140530032029.GA8738@zoho.com>
Date: Fri, 30 May 2014 03:20:29 +0000
From: mancha <mancha1@...o.com>
To: oss-security@...ts.openwall.com
Cc: info@...uxfoundation.org, admin@...ncryptoaudit.org
Subject: Linux Foundation OpenSSL audit
The Linux Foundation's Core Infratructure Initiative (CII), born during
the aftermath of Heartbleed, has announced five new corporate sponsors
as well as its immediate plans to support the NTP, OpenSSH, and OpenSSL
projects. [1]
I applaud both the Linux Foundation and all its corporate sponsors for
their inspiring leadership and vision.
In the case of OpenSSL, some of the funding will be channeled through
the Open Crypto Audit Project (OCAP) which is being charged with its
security audit.
OCAP can benefit greatly from reviewing OpenBSD's ongoing OpenSSL
audit/review process which was the genesis for LibreSSL. I am cc'ing
OCAP so they might comment on how the LibreSSL effort will factor into
their workplan.
Further, I am aware the OpenBSD Foundation has reached out to CII to
request LibreSSL funding support. Given OpenBSD's solid track record and
the leadership and initiative they've demonstrated through LibreSSL, I
would appreciate if CII (also cc'd) would comment on that outstanding
request.
Many thanks.
--mancha
[1] http://www.linuxfoundation.org/news-media/announcements/2014/05/core-infrastructure-initiative-announces-new-backers
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.