[openssl-users] FIPS certification for openssl

[Michael Wojcik]

> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf
> Of Salz, Rich via openssl-users
> Sent: Wednesday, November 29, 2017 11:54
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] FIPS certification for openssl
>

[I wrote:]
 > > That said, it wouldn't hurt for the OMC to post a message to the list stating
> > that business will continue as planned, since two very key figures have left
> > the project.
> 
> I have two reactions, just my personal view.  First, it’s premature to say
> anything, we’re still figuring things out. Second, what open source project
> can guarantee that things will continue as they were after people left?  Or
> the larger question, what guarantees can any project really make?

That's fair. And on further consideration I'll withdraw the "to the list" part.

[Jakob wrote:]

> >  Anywhere but the well established and independently archived public
> > mailing lists.
> 
> It’s not the same Internet that it used to be…  Lots of discussion happens on
> GitHub issues these days, which I’m not thrilled with either.  (Hey you kids,
> get off my lawn.)   It seems that posting a note to the lists would be useful
> whenever we post a blog entry?

I can't speak for Jakob, of course. I was surprised to learn of the blog posts, because I hadn't been following the blog; if I knew it existed at some point, I'd forgotten. But I'm following it now.

It probably wouldn't hurt to post something to the lists when there's a blog post with news like this  - items that subscribers would likely feel is important. Blog posts like the recent "OpenSSL in China" series probably don't need to be mentioned on the lists. But it's subjective, and I wouldn't want to create more work for anyone.

-- 
Michael Wojcik 
Distinguished Engineer, Micro Focus