|
| 1 | +--- |
| 2 | +layout: post |
| 3 | +title: My OpenSSL warrant canary |
| 4 | +tags: community openssl |
| 5 | +comments: true |
| 6 | +--- |
| 7 | + |
| 8 | +Today I imported [posts I'd written for the Stack Overflow |
| 9 | +blog](https://jlericson.com/tag/blogoverflow.html) onto my blog. Most |
| 10 | +of them are end-of-year review posts so I've been thinking about how |
| 11 | +that job changed from [how it |
| 12 | +started](/2013/08/09/please-welcome-jon-ericson-community-manager.html).[^1] |
| 13 | +By the time I [left Stack |
| 14 | +Overflow](https://jlericson.com/2020/01/17/leaving_stack.html), it was |
| 15 | +clear the company had experienced mission creep and ["[helping] coders |
| 16 | +help each other become better coders by sharing their knowledge with |
| 17 | +one |
| 18 | +another"](https://meta.stackoverflow.com/questions/381927/is-the-official-direction-of-stack-overflow-now-to-help-educate-the-next-generat/381935#381935) |
| 19 | +was no longer the top priority. |
| 20 | + |
| 21 | +In the new year I will [start work at |
| 22 | +OpenSSL](/2024/12/10/openssl_job.html), which has a very clear |
| 23 | +[mission statement](https://openssl-mission.org/). Reading [the |
| 24 | +Foundation's annual |
| 25 | +report](https://openssl-foundation.org/OpenSSL-Foundation-2024-Annual-Report.pdf) |
| 26 | +reminds me of the salad days of Stack Overflow when everyone |
| 27 | +recognized that success depended on strangers answering each others' |
| 28 | +questions. A difference is that OpenSSL has maintained it's focus for |
| 29 | +25 years.[^2] Having met the OpenSSL Foundation team, I strongly |
| 30 | +believe them to be upright and effective custodians of the mission. |
| 31 | + |
| 32 | +Still, there are always risks. For instance: |
| 33 | + |
| 34 | +* Quantum computing could trivialize the mathematical problems that |
| 35 | + form the foundation of modern cryptography.[^3] |
| 36 | +* A government could discover a flaw in the library and take actions |
| 37 | + to prevent the flaw from being fixed or disclosed. |
| 38 | +* Some other mission could take priority or resources away from the |
| 39 | + current mission. |
| 40 | + |
| 41 | +[Conflicted loyalty](https://jlericson.com/2023/10/16/catija.html) is |
| 42 | +an occupational hazard of community management. While open |
| 43 | +communication is ideal, there can be times when it's not possible or |
| 44 | +even counterproductive. So I've decided to set up a [warrant |
| 45 | +canary](/canary) that says (as of the time of writing): |
| 46 | + |
| 47 | +> I warrant that the [OpenSSL |
| 48 | +Foundation](https://openssl-foundation.org/) is effectively pursuing |
| 49 | +[its mission](https://openssl-mission.org/): |
| 50 | +> |
| 51 | +>> We believe everyone should have access to security and privacy |
| 52 | +>> tools, whoever they are, wherever they are or whatever their |
| 53 | +>> personal beliefs are, as a fundamental human right. |
| 54 | +
|
| 55 | +Traditionally a [warrant |
| 56 | +canary](https://www.cloudflare.com/learning/privacy/what-is-warrant-canary/) |
| 57 | +allows a service to communicate indirectly that an event has occurred |
| 58 | +which might impinge on users' privacy. Usually it anticipates a |
| 59 | +warrant that requires an organization to turn over data to some |
| 60 | +law-enforcement agency. That eventuality seems unlikely for OpenSSL, |
| 61 | +so maybe it's not the best name. Still, it has a very similar |
| 62 | +function. If I ever discover that my statement is wrong, misleading or |
| 63 | +over-taken-by-events, I will edit or delete the [canary](/canary), which is an |
| 64 | +invitation for interested parties to investigate. |
| 65 | + |
| 66 | +For what it's worth, the most likely outcomes are, in order: |
| 67 | + |
| 68 | +1. I won't do anything with the canary because I leave OpenSSL without |
| 69 | + any cause to change it. |
| 70 | +2. I'll be able to report potential issues publicly and the canary |
| 71 | + will be redundant. |
| 72 | +3. My site will break when I do a [periodic |
| 73 | + upgrade](https://meta.jlericson.com/t/updating-to-a-remote-jekyll-theme/331) |
| 74 | + and the canary will send a false alarm. |
| 75 | +4. Nobody will notice when I change the canary. |
| 76 | +5. Nothing can be done about whatever I'm warning about. |
| 77 | +6. My canary sacrifices itself for the public good. |
| 78 | + |
| 79 | +The last outcome seems worth the minimal effort. |
| 80 | + |
| 81 | +[^1]: That I'm taking the time to preserve these posts is a sign that |
| 82 | + I've lost trust in the organization I was so proud to be joining a |
| 83 | + decade ago. |
| 84 | + |
| 85 | +[^2]: Based on [the |
| 86 | + method](https://meta.jlericson.com/t/using-the-rule-of-three-to-estimate-the-end-of-the-world/332) |
| 87 | + I use for calculating the destruction of civilization via nuclear |
| 88 | + war, I'm estimating there's a ~10% chance of catastrophic failure |
| 89 | + this year and the median time to failure at 6ish years. |
| 90 | + |
| 91 | +[^3]: By the way, this could be an end-of-civilization scenario given |
| 92 | + our dependence on internet commerce and communication. |
| 93 | +<!-- LocalWords: OpenSSL |
| 94 | + --> |
0 commit comments