The title of this submission is incorrect. The funding goes to the general fund, not specifically to OpenSSL.
Here's the press release this article is based on:
http://www.linuxfoundation.org/news-media/announcements/2014...
And here's the actual initiative:
http://www.linuxfoundation.org/programs/core-infrastructure-...
Discussed here:
But even if LibreSSL is a huge success, OpenSSL isn't going to go away and it's important that that existing project get support from the people that use it an benefit from it the most. Which is exactly what is happening.
This reminds me of XFree86. Some said XFree86 would still be around after the X.org fork. The culture of XFree86 was so bad though that the project was effectively abandoned by everyone except for the "leader" David Dawes before X.org was even operational.
Projects with poisoned cultures appear to die off. With the ratty code-base and aversion to contributions by OpenSSL it seems like a good candidate for abandonment.
We don't need OpenSSL, we need another library built from scratch with very clean code and documentation.
Everyone who has more interest on why OpenSSL is a catastrophe should watch operation ORCHESTRA[0].
With ya up until this. The core crypto code works. The framework around it is aged, crufty, and could use a refactor/rewrite. But tossing the baby out is not useful here. Just wash the kid and put on some new clothes and he'll fit right in again.
LibreSSL is going in the right direction (specific questionable decisions notwithstanding). Hopefully someone will bring over some of that love to the main codebase.
Well, feel free to hop to it, then.
If you've known about this for a while and haven't done anything, then you're part of the problem.
The LibreSSL guys are much more willing to tackle the problems, remove all backwards compatible crud and modernize it. Because the things they are removing are jaw dropping: http://opensslrampage.org
OpenSSL looks like a mice nest
1. xFree86 kicked Keith Packard out and he joined up with Xorg/free desktop. 2. Most XFree86 devs migrated to X.org 3. The License Change. And this is key. The switch to a GPL v2-incompatible license. that made it incompatible with the Linux kernel and almost every project.
Moreover, the major users of XFree86 were linux and Unix-like distro. That's a big market but comparably small with the number of projects that use OpenSSL.
Could OpenSSL disappear? Yes. But it won't happen overnight, simply because of the existing number of projects that use it.