Version compatibility issues - Re: openssl development work / paid

Jan Just Keijser janjust at nikhef.nl
Tue May 4 07:34:32 UTC 2021 

First of all, apologies to this mailing list for making you part of this.
I will reply one more time , then take this discussion off-list.

On 04/05/21 07:24, Embedded Devel wrote:
>
> On 5/3/21 2:20 PM, Jan Just Keijser wrote:
>> Just for the record:
>>
>> On 26/03/21 09:51, Embedded Devel wrote:
>>> i now have a second developer looking at this, so hoping he can sort 
>>> it all out.
>>>
>> [...]
>>
>> I was that second developer and even though 'Embedded Devel' listed 
>> this as "paid" work and even though he made repeated promises about 
>> following up on payment, I never did receive payment.
>>
>> I checked the email address and IP addresses used for this job and 
>> found nothing terribly wrong. My conclusion is that either someone 
>> hijacked an email address - meaning that Optimcloud is not a very 
>> *safe* company to do business with -  or that 'Embedded Devel' at 
>> Optimcloud simply thinks he can get away with this - meaning that 
>> Optimcloud is not a very *trustworthy* company to do business with.
>>
> no actually, neither is the case. I submitted the work for payment, 
> accounting inquired of the developer if it was all working and he 
> stated it wasnt. So where it is, and its more i think we dont 
> understand is when the client registers and is authorized it should 
> generate a new xml config for the client, and right now there appears 
> to be some mismatch, basically we have no idea how you had this 
> working. so we are a month in from the work you did and i submitted 
> payment for, and still have had 0 reproducability. Ive even reviewed 
> the document you sent, as has he, and we are missing something.

This is the first time I hear of this. To get a few things straight (and 
I have the full email exchange at hand to back this up):
- 'embedded devel' originally asked for a developer to port old OpenSSL 
code to openssl 1.1+
- I offered to do this and ported the application to work with openssl 
1.1.1 within a few hours. 'embedded devel' agreed with me in email that 
I had achieved the original goal.
- after that, I offered to help in debugging the rest of the 
client/server application workflow, which was poorly documented but 
which had little to do with openssl specifics. I never offered or 
promised to get the entire client/server application framework working 
again.
- 'embedded devel' accepted my offer and said he had a fixed maximum 
amount that he could spend.
- I worked for the remainder of the time on analyzing and debugging the 
application workflow, even though it turned out that I was not given all 
source code. 'embedded devel' confirmed that a part was missing.
- I wrote a report with my findings and suggestions on how to proceed. 
'embedded devel' was satisfied with the report and told me he would ask 
accounting to pay me.
- after several reminders about payment he did not respond to my emails 
until I made my post yesterday, claiming for the first time that what I 
had done was not reproducible.

Reviewing this, I see no reason to change my viewpoint on the 
trustworthiness of either 'embedded devel' or the company Optimcloud.

[...]
Snipping out the rest of the mail as it is off-topic to this mailing 
list. I will reply to it privately.

JJK

More information about the openssl-users mailing list