branden is currently certified at Master level.

Name: Branden Robinson
Member since: 2000-04-03 08:17:26
Last Login: 2008-05-23 10:37:31

FOAF RDF Share This

Homepage: http://www.debian.org/~branden/

Notes:

former Debian Project Leader; former Debian XFree86 package maintainer and chief nuisance of Debian X Strike Force

Projects

Recent blog entries by branden

Syndication: RSS 2.0
14 May 2008 (updated 23 May 2008 at 10:37 UTC) »

Ben Laurie,

You wrote:

"It seems that the Debian maintainer did, indeed, mention his plan on openssl-dev. Openssl-dev is a list for people developing OpenSSL based software, not a list for discussing the development of OpenSSL itself. I don’t have the bandwidth to read it myself. If you want to communicate with the OpenSSL developers you need to use openssl-team@openssl.org."

Publishing contact information for the OpenSSL developers responsible for actually vetting patches to the OpenSSL source sounds like a great idea.

Of course, this address is prominently placed in the source archive so downstream people, and just plain interested users (such as professional cryptographers) will be aware of it, right?

$ wget 
http://openssl.org/source/openssl-0.9.8g.tar.gz --2008-05-14 
01:56:41--  
http://openssl.org/source/openssl-0.9.8g.tar.gz
Resolving openssl.org... 195.30.6.166
Connecting to openssl.org|195.30.6.166|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3354792 (3.2M) [application/x-tar]
Saving to: `openssl-0.9.8g.tar.gz'


100%[===================================================================================================================>] 3,354,792 161K/s in 16s

2008-05-14 01:56:58 (200 KB/s) - `openssl-0.9.8g.tar.gz' saved [3354792/3354792]

$ tar xfz openssl-0.9.8g.tar.gz $ cd openssl-0.9.8g/ $ ls -1 CHANGES CHANGES.SSLeay ChangeLog.0_9_7-stable_not-in-head ChangeLog.0_9_7-stable_not-in-head_FIPS Configure FAQ INSTALL INSTALL.DJGPP INSTALL.MacOS INSTALL.NW INSTALL.OS2 INSTALL.VMS INSTALL.W32 INSTALL.W64 INSTALL.WCE LICENSE MacOS Makefile Makefile.org Makefile.shared NEWS Netware PROBLEMS README README.ASN1 README.ENGINE VMS apps bugs certs config crypto demos doc e_os.h e_os2.h engines include install.com makevms.com ms openssl.doxy openssl.spec os2 perl shlib ssl test times tools util $ grep -Fr openssl-team@openssl.org . $ grep -Fr openssl-team . $ grep team README $ grep -i team README $ grep -i team FAQ You can check authenticity using pgp or gpg. You need the OpenSSL team property rights, please consult a lawyer. The OpenSSL team does not $

Well, at least we'll be able to find this contact address in some reasonably conspicuous location on the OpenSSL website, right?

Let's try the front page. Hmm, nope.

How about the "Support" page, prominently placed on the site's navigation bar? Success! Er, kind of. We have openssl-announce, openssl-dev, openssl-cvs, and openssl-users. A pretty typical and idiomatic way of setting up mailing lists in Free and Open Source software projects. Kudos! Except, as you noted, none of these is actually the right list to contact the developers of OpenSSL. Well, I'm sure I'm the only person on earth whose intuition is challenged by that, so let's check some other places on the OpenSSL website wherein my howlingly erroneous assumption is put right.

Well, this is a patch we're talking about, so how about the Contribution page?

Hmm, perhaps:

Welcome to the User Contribution Area of OpenSSL. This area contains files maintained by the OpenSSL users and placed here by the OpenSSL team. They are provided AS IS without any kind of support or guaranty.

THIS AREA IS PROVIDED BY THE OPENSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OPENSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

No, perhaps not.

The Source page is another dead-end; it shows me a lot of source I can retrieve, but does not inform me whom I can speak with about it. Undaunted, I press on.

Well, heck, how about the About page? Hey, this looks promising!

The OpenSSL Core and Development Team

The OpenSSL project is volunteer-driven. We do not have any specific requirement for volunteers other than a strong willingness to really contribute while following the projects goal. The OpenSSL project is formed by a development team, which consists of the current active developers and other major contributors. Additionally a subset of the developers form the OpenSSL core team which globally manages the OpenSSL project. Anyone wanting to join the development effort should subscribe to the developers mailing list openssl-dev@openssl.org, where all development efforts are coordinated.

But, silly me, of course I should utterly disregard the exclusive mention of openssl-dev@openssl.org in a section entitled "The OpenSSL Core and Development Team".

Several individual members are listed, yourself under "core team", and Ulf Möller under "development team". If Mr. Möller was a member of the "development team" at the time Debian developer Kurt Roeckx contacted the openssl-dev list, then I'm sure he should have known to disregard the advice he was given, right? (I'm sure you can correct me with appropriate fist-shaking indignation if your and Mr. Möller's status in the dev team was sufficiently different two years ago. You may, or may not, want to consult The Internet Archive's copy of the page as it existed on 1 and 2 May, 2006, before doing so.)

Well, I have one trick left up my sleeve—I can consult that device which has applied cluebats to addled heads for generations, the mighty FAQ! And do I find an answer?

Hallelujah!

3. How can I contact the OpenSSL developers? The README file describes how to submit bug reports and patches to OpenSSL. Information on the OpenSSL mailing lists is available from http://www.openssl.org.

(emphasis added)

By God, you've got me! Just read the README, for which a case-insensitive grep for "team" returns no matches! But never mind that, I can just go to www.openssl.org, find the...er...nonexistent...mention of mailing lists on the front page, stumble around until I find the aforementioned list of mailing lists, and, uh...don't find any mention of "openssl-team@openssl.org".

Hey, but you stand vindicated, because you shouted the correct contact address to the whole world in the 43rd comment to the 327th post on your blog (which must surely compare favorably to being posted on the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard'.).

Your certificate of induction into the Good Communication Hall of Fame is forthcoming.

Which mailing list should I send it to?

Obviously I have not been writing diary entries very frequently. Since last I posted here, I have moved to Indianapolis and taken a job with Progeny Linux.

Hacking activities: I am finally getting Debian packages of XFree86 4.0.1 off the ground. I largely have Progeny to thank for letting me spend time on this.

Nonhacking activities: Books? Well, I finished The Final Days quite a while back. Currently on the pile is Overcoming Law by U.S. Appeals Court Judge Richard Posner (the same guy Thomas Penfield Jackson appointed to mediate between the DoJ and Microsoft); that's the one I'm reading at present. Next come Cryptonomicon and something I probably should have read long ago, Dune. On the musical front, I finally bought the guitar amplifier I've been wanting for so long: a Marshall Valvestate VS102R. 100 watts. Woohoo! It's definitely no practice amp, being grossly overpowered for the apartment, but I learned a few years ago that while 35 watts may sound plenty loud in your house, it's not enough when you're jamming with a few other people (other amps, drums, etc.).

I seem to have difficulty talking about software in these diary entries. I guess the Debian lists absorb most of that, leaving precious little for Advogato. Anyway, those who care about what I've actually been hacking on can just go the X Strike Force and make themselves sick on Debian packaging minutae, and fun things like app-defaults switcheroos. I just love getting my hands grubby with xc/lib/Xt/IntrinsicI.h.

Until next time...

Hacking activities

Well, the weekend didn't turn out as productive as I had hoped. Much of the time that I should have spent hacking on XFree86 4 was instead spent forking Debian's ALSA packages. The current package maintainer seems to have some staggeringly strange ideas about package relationships. Once these are finished, I'll make them available on my Debian webpage, put up a Packages.gz, and let users vote with their feet.

Not-so-hacking activities

Got through about eight chapters each of Tcl and the Tk Toolkit and The Final Days. Tcl's syntax is every bit as quirky as people warned me. Ousterhout is right, there really are just a few simple rules; I just have to learn to selectively switch off my mental Bourne (and, to a lesser extent, C) syntax filters. It is interesting to read about the Nixon presidency and contrast it with what is regarded as political malfeasance today. In Nixon's day, it was believed that if word of the Huston Plan got out, it would be terribly damaging to him politically. Today, Louis Freeh testifies before Congress, bald-facedly asserting the necessity of surveillance powers that were but a spook's masturbatory fantasy in 1974 -- and yet hysterical partisans try to take down the President for getting his pole waxed by a coat-tail riding fluffer. Things in this country are screwed. Maybe I'll have to stow away in Wichert's luggage next time we're at a Linux conference together.

How much do I owe the RIAA for this?

Popped a couple of CD's in the stereo, cranked it and the guitar amplifier up, and got in some practice today. Half a dozen Beatles tunes (Day Tripper, We Can Work It Out, Paperback Writer, Lady Madonna, Hey Jude, and Revolution) and Limelight by Rush. Two things really suck about the latter -- 1) trying to count through the guitar solo is unholy difficult, but also the only the way to play it right; 2) the clean channel during the chorus was a single-coil overdub, so I have exactly the space between two eighth notes to move the pickup switch *and* step on the distortion pedal to switch it to bypass, if I want to reproduce the original parts. Playing that clean part through the humbucker sounds awful to me. Oh well, I guess I'll just have to palm-mute the part instead. Did I mention how hard it is to count the solo?

Quaint thoughts

Frankly, I think people have the right to be disinterested in whatever discussion threads they choose, and don't deserve to have inflammatory rhetoric used against them. Connotating "quaint" as "brutally dismissive" -- very clever, reinforces that male stereotype of brutality. These are diary entries. People should take what they want and leave what they don't. They should also be left free to say why they're taking or leaving it. :) This is not a symposium. Diary entries should not be regarded as attempts at persuasive speech, though they may contain strongly opinionated remarks. IMO, the right way to write, and read, these entries is with a generous dollop of indifference to the interests of others. That said, may I should take my own advice and just start ignoring the person by whom I feel provoked. :)

Hmm, wish I had some more hacking talk, but today just wasn't a very hacking day...I caught enough of tonight's X-Files episode (written and directed by Gillian Anderson) to note that it seemed primarily to be showcase for the Moby album, and some really shallow introspective monologues. So I got myself an antidote to both; popped in Liquid Tension Experiment 2 and indulged myself in 75 minutes of anti-minimalistic instrumentals. :) (Actually, the final half-hour is a relatively laidback.)

Haven't made a diary entry in a few days.

Bought 4 books last night: Ousterhout's Tcl/Tk book -- old, but seems worth knowing; Lutz & Ascher's Learning Python -- I normally avoid O'Reilly where possible (it often isn't), but I will need to be getting my hands with sticky GUI prototyping languages for work; Erik Larson's Isaac's Storm -- apparently it's kind of a cliché to buy this these days, but hey, I heard Dick Estell reading it on NPR and it sounded good; Woodward & Bernstein, The Final Days -- I read All the President's Men last year so this seems apropos. Almost picked up Zinn's People's History of the United States but put it down after a cursory reading of some passages. When you repudiate both the Left and the Right, it sure is hard to find a political perspective that isn't aggravating. History simply is, we need neither apologize for it nor glorify it (or the people in it). Anyway, I needed some new books because I was falling back on my old standbys for bedtime reading material, The GNU C Library Reference Manual and The Columbia History of the World. Hopefully my fellow Advogatans have better things to do than laugh about my reading habits for the next few days in their own diary entries-cum-discussion threads.

I'm actually up somewhat early on a Saturday morning so I'll be spending the day beating on XFree86 4.0 as hard as I can. David Dawes quietly put out the 4.0a development release...a 1.6 megabyte diff! Some of the fixes are really important; I might have to make binary-only .deb releases until 4.0.1 is released. There are 94 bugfixes and enhancements identified in the changelog. Anyway, to say more would probably break my XFree86 development NDA, so I should just shut up and get back to work...

I have only two thread-type remarks: first, watching onionskin feminists and male chauvinist pigs fight is just as boring here as it is anyplace else, the Blys and Faludis should just excuse themselves and go scream at each other on USENET (though, to be fair, a glance at the bookshelves last night reveals that both Naomi Wolf and Susan Faludi realized at some point after 1996 that men are people, too -- I guess if you can't beat Paglia, join her, eh?); and second, it's good to see Joey Hess finally realizing just how evil Slang is as a screen library. Go with ncurses, my man, and learn the blessed way...

I just uploaded Debian packages of version 4.0 of X...trs. :) Tim Mann just released the latest version of his cool TRS-80 emulator a few days ago. Packages that compile in three minutes are nice.

Anyway, back to XFree86 4.0 .debs...when they are ready they will appear at the usual place.

1 older entry...

 

branden certified others as follows:

  • branden certified branden as Journeyer
  • branden certified jgg as Master
  • branden certified ajt as Journeyer
  • branden certified srivasta as Journeyer
  • branden certified joey as Master
  • branden certified lilo as Master
  • branden certified wichert as Master
  • branden certified bombadil as Journeyer
  • branden certified davidw as Journeyer
  • branden certified dhd as Master
  • branden certified lupus as Journeyer
  • branden certified marcel as Journeyer
  • branden certified bribass as Journeyer
  • branden certified jonas as Journeyer
  • branden certified plundis as Journeyer
  • branden certified vincent as Apprentice
  • branden certified apenwarr as Journeyer
  • branden certified jim as Journeyer
  • branden certified espy as Journeyer
  • branden certified doogie as Journeyer
  • branden certified omnic as Journeyer
  • branden certified hands as Journeyer
  • branden certified austin as Journeyer
  • branden certified nick as Journeyer
  • branden certified broonie as Journeyer
  • branden certified lordsutch as Journeyer
  • branden certified chip as Master
  • branden certified z as Apprentice
  • branden certified dunham as Journeyer
  • branden certified tausq as Journeyer
  • branden certified danpat as Apprentice
  • branden certified ajk as Journeyer
  • branden certified drow as Master
  • branden certified jch as Journeyer

Others have certified branden as follows:

  • branden certified branden as Journeyer
  • ajt certified branden as Journeyer
  • plundis certified branden as Journeyer
  • jgg certified branden as Journeyer
  • srivasta certified branden as Journeyer
  • z certified branden as Apprentice
  • danpat certified branden as Journeyer
  • darkewolf certified branden as Journeyer
  • davidw certified branden as Journeyer
  • hands certified branden as Journeyer
  • macricht certified branden as Journeyer
  • CentralScrutinizer certified branden as Journeyer
  • rillian certified branden as Journeyer
  • lordsutch certified branden as Journeyer
  • joey certified branden as Journeyer
  • knghtbrd certified branden as Journeyer
  • cech certified branden as Journeyer
  • nick certified branden as Journeyer
  • tausq certified branden as Journeyer
  • dres certified branden as Journeyer
  • calc certified branden as Journeyer
  • bribass certified branden as Journeyer
  • broonie certified branden as Journeyer
  • lupus certified branden as Journeyer
  • jwalther certified branden as Journeyer
  • omnic certified branden as Journeyer
  • gorgo certified branden as Journeyer
  • ruud certified branden as Journeyer
  • eliot certified branden as Journeyer
  • bma certified branden as Journeyer
  • marcel certified branden as Master
  • frb certified branden as Journeyer
  • jmecham certified branden as Journeyer
  • jim certified branden as Journeyer
  • wichert certified branden as Journeyer
  • ajk certified branden as Journeyer
  • Joy certified branden as Journeyer
  • rcw certified branden as Master
  • neuro certified branden as Journeyer
  • bdale certified branden as Journeyer
  • seeS certified branden as Journeyer
  • mstone certified branden as Journeyer
  • drow certified branden as Master
  • ljb certified branden as Journeyer
  • edward certified branden as Master
  • dvdeug certified branden as Master
  • mdorman certified branden as Journeyer
  • JHM certified branden as Master
  • edb certified branden as Master
  • shaleh certified branden as Journeyer
  • jpick certified branden as Master
  • lazarus certified branden as Journeyer
  • brother certified branden as Master
  • jch certified branden as Journeyer
  • bod certified branden as Journeyer
  • bas certified branden as Journeyer
  • psg certified branden as Master
  • zed certified branden as Master
  • karlheg certified branden as Journeyer
  • cwryu certified branden as Journeyer
  • gopal certified branden as Master
  • wayne certified branden as Journeyer
  • fabien certified branden as Journeyer
  • jhasler certified branden as Master
  • Jordi certified branden as Master
  • cpbs certified branden as Master
  • ths certified branden as Master
  • sstrickl certified branden as Journeyer
  • jfs certified branden as Master
  • Tv certified branden as Journeyer
  • xtifr certified branden as Journeyer
  • Slimer certified branden as Master
  • jaq certified branden as Master
  • decklin certified branden as Master
  • robster certified branden as Master
  • juhtolv certified branden as Master
  • etbe certified branden as Master
  • exa certified branden as Journeyer
  • mako certified branden as Master
  • claviola certified branden as Master
  • mdz certified branden as Journeyer
  • alfie certified branden as Master
  • mwk certified branden as Master
  • gp certified branden as Master
  • Netsnipe certified branden as Master
  • dieman certified branden as Master
  • NoWhereMan certified branden as Master
  • walters certified branden as Journeyer
  • piman certified branden as Master
  • Sam certified branden as Master
  • mihtjel certified branden as Master
  • ole certified branden as Master
  • schultmc certified branden as Master
  • fallenlord certified branden as Master
  • xsdg certified branden as Master
  • dark certified branden as Journeyer
  • mhatta certified branden as Journeyer
  • dopey certified branden as Master
  • daniels certified branden as Master
  • anholt certified branden as Master
  • migus certified branden as Master
  • gwolf certified branden as Master
  • Barbwired certified branden as Master
  • csg certified branden as Journeyer
  • rotty certified branden as Master
  • esteve certified branden as Master
  • compukid certified branden as Master
  • jochen certified branden as Master
  • codrea certified branden as Master

[ Certification disabled because you're not logged in. ]

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!

X
Share this page