ssl library development

[Dan Ritter <dsr@randomstring.org>]

mick.crane wrote: 
> On 2025-08-05 14:49, Alain D D Williams wrote:
> > I am running Debian 12 - Bookworm.
> > 
> > I have been using ssh to login to remote machines for years. Many of
> > which I
> > use a private key - so I just go "ssh machine-name" and login without
> > needing
> > to give a password. To be able to do that I identify myself with
> > ssh-add. I
> > even wrote a tutorial:
> 
> apropos of nothing.
> Some time ago there was a report that the SSL code, that like the internet
> browsers relied on, was maintained by just one volunteer guy.


There are several SSL libraries:


openssl, descended from SSLeay, which was primarily written by
"just one volunteer guy". openssl.org is supported by the
OpenSSL Corporation (13 staff) and the OpenSSL Foundation has
ten voting members and a large number of community members.

libressl was forked from openssl in 2014 and is supported by the
OpenBSD Foundation. The primary git repo shows 96 contributors.

gnutls appears to be an independent reimplementation; it was
once sponsored by the FSF, but is currently independent. It list
four current authors.

BoringSSL is a fork of openssl maintained by Google.

There are probably a dozen or so other implementations. I
wouldn't be surprised if one or two was primarily supported by
one person, but it is not generally true.

-dsr-