Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GRANT RECIPIENTS: Unclear description for OpenSSL #350

Open
Chealer opened this issue Apr 2, 2024 · 0 comments
Open

GRANT RECIPIENTS: Unclear description for OpenSSL #350

Chealer opened this issue Apr 2, 2024 · 0 comments
Labels
website The website content isn't on GitHub, but reporting issues here is very useful

Comments

@Chealer
Copy link

Chealer commented Apr 2, 2024

The entry for OpenSSL in the Alpha grant recipients for 2023 reads:

OpenSSL is a globally distributed cryptography library touching nearly every industry in the world.

In 2023 OpenSSL was granted $127,000 for the purpose of assessments that will be performed by teams of Trail of Bits security consultants for a total of eight engineer-weeks of effort. The secure code review, including fuzzing enhancements, will be performed over a four calendar-week period, for a total of eight engineer-weeks.

This is largely unclear. In particular, please clarify:

  1. What does "globally distributed" mean?
  2. What type of dollars does "$" designate?
  3. What will the scope be? Is it a review (assessments), or does it actually include enhancements?
@hyandell hyandell added the website The website content isn't on GitHub, but reporting issues here is very useful label May 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
website The website content isn't on GitHub, but reporting issues here is very useful
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hyandell @Chealer