Hacker News new | past | comments | ask | show | jobs | submit login

>> NSS has more institutional constraints; random people in Germany can't, as a general rule, add support for new TLS extensions to it.

> Why not? NSS is handled by Mozilla. Mozilla prides itself on being open-source. People can submit patches to NSS by filing in Bugzilla.

Maybe he meant Mozilla as an organization is much better equipped to handle patching of NSS better than the OpenSSL team. I have seen Firefox bug reports number of times and there seems to be a proper process in place to review patches before accepting. I am not aware of anything that good on the OpenSSL side.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: