> However, I feel that the developer group is a bit closed to outsiders.
More communication and transparency is coming, as we have a bigger and more
invigorated developer team. It will take time. But not everything will always
be discussed in public mailing lists right away, parciularly around
vulnerabilities.
> I requested access to the OpenSSL scan results on coverity, and up to now,
> my request is still pending :-(
This could be an example of that. (I don't know, I haven't looked through any
reports.) But I hope that you understand why there might be concerns about
doing this.
Are there other issues or examples that come to mind?
/r$
--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rs...@jabber.me; Twitter: RichSalz
:��I"Ϯ��r�m�����
(����Z+�7�zZ)���1���x���h����W^��^��%�����&jם.+-1�ځ��j:+v�������h�
