[openssl-users] calloc vs kssl_calloc

Jakob Bohm jb-openssl at wisemo.com
Mon Oct 3 23:48:42 UTC 2016

On 01/10/2016 23:18, Salz, Rich wrote:
>> However there are very many OpenSSL users (myself included) who rely on
>> the legal status of OpenSSL/SSLeay as having no US origin parts.  If this has
>> changed, it needs a big red banner at the top of the www.openssl.org, every
>> affected source file with the original EAY copyright boilerplate or its OpenSSL
>> clone etc.
> As of 1.1.0 every single file has modifications by US Citizens because I globally changed the copyright.
Really, I thought the US team dealt exclusively with the FIPS
bureaucracy acting as "cutouts" between US government interests
and the non-US developers, never actually touching the code.
> We are NOT going to mark US/non-US contributions, sorry.
> OpenSSL and SSLeay has always had US contributions, it's just that we were done indirectly.  For example, "git show eb64730" which was early 2000.
This fact was *not* published widely enough to be seen by
everyone concerned.  It was certainly not published as widely
as the fact that SSLeay was created and maintained entirely
outside the US, and that this was one of its major attractions.

Basically that internal checkin (which I have no idea what is,
since I only see the released tarballs) or any earlier US code
changes would have been a watershed change.


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list