OpenSSL Blog

Seeking Last Group of Contributors

Posted by Rich Salz ,

The following is a press release that we just put out about how finishing off our relicensing effort. For the impatient, please see https://license.openssl.org/trying-to-find to help us find the last people; we want to change the license with our next release, which is currently in Alpha, and tentatively set for May.

For background, you can see all posts in the license category.

One copy of the press release is at https://www.prnewswire.com/news-releases/openssl-seeking-last-group-of-contributors-300607162.html.

OpenSSL Seeking Last Group of Contributors

Looking for programmers who contributed code to the OpenSSL project

The OpenSSL project, [https://www.openssl.org] (https://www.openssl.org), is trying to reach the last couple-dozen people who have contributed code to OpenSSL. They are asking people to look at https://license.openssl.org/trying-to-find to see if they recognize any names. If so, contact license@openssl.org with any information.

This marks one of the final steps in the project’s work to change the license from its non-standard custom text, to the highly popular Apache License. This effort first started in the Fall of 2015, by requiring contributor agreements. Last March, the project made a major publicity effort, with large coverage in the industry. It also began to reach out and contact all contributors, as found by reviewing all changes made to the source. Over 600 people have already responded to emails or other attempts to contact them, and more than 98% agreed with the change. The project removed the code of all those who disagreed with the change. In order to properly respect the desires of all original authors, the project continues to make strong efforts to find everyone.

Measured purely by simple metrics, the average contribution still outstanding is not large. There are a total of 59 commits without a response, out of a history of more than 32,300. On average, each person submitted a patch that modified 3-4 files, adding 100 lines and removing 23.

“We’re very pleased to be changing the license, and I am personally happy that OpenSSL has adopted the widely deployed Apache License,” said Mark Cox, a founding member of the OpenSSL Management Committee. Cox is also a founder and former Board Member of the Apache Software Foundation.

The project hopes to conclude its two-year relicensing effort in time for the next release, which will include an implementation of TLS 1.3.

For more information, email osf-contact@openssl.org.

-30-

Comments