Addressing the question of why the OpenSSL project received such low levels of participation pre-Heartbleed, David A. Wheeler, an expert in government use of open source, suggests that it could be down to the choice of license. Within a longer work discussing many of the technical issues involved in addressing Heartbleed, Wheeler wrote:

I suspect that more code review and contributions would occur if OpenSSL used a standard widely used license 

Could it be that potential community members were put off engaging with OpenSSL simply on account of the licensing decision? Continue reading →