Upcoming KDE 4.4 vs. Bug #162485 (no suitably sufficient SSL/TLS support)

Sebastian Kügler sebas at kde.org
Fri Jan 8 17:22:19 CET 2010


Hi Matthias,

Thanks for contacting the KDE team.

On Friday 08 January 2010 15:12:13 Matthias Andree wrote:
> I need help finding out who is responsible release manager for KDE 4.4,

KDE's releases are managed by the release-team, a group of people from various areas 
that package, test and release the software. You can reach the Release Team at 
release-team at kde.org. I've added this mailing list to the CC:.

> as I need to bring bug #162485 to his attention; there have even been
> sponsorship offers. Please provide me with relevant e-mail addresses or
> names of people, or a suitable mailing list. See
> https://bugs.kde.org/show_bug.cgi?id=162485 for details.

This bug has indeed my attention, and as you note, it is a concerning one. The 
problem is, however, until anybody comes along and writes the code, even sponsorship 
requests don't help.

Maybe contacting a company that can help here with the available funds would be the 
way to go? At least that could help solving the "have money, need feature"-problem. 
There are some companies around that have done contracted work on KDE in the past.

> KDE 4.X has always been lacking functioning SSL/TLS certificate
> management, and thus many sites are migrating away from KDE to GNOME,
> and KDE is unusable now that 3.x is de-facto unmaintained and 4.x only
> works with unencrypted connections.

As far as I know, basic SSL support actually works in many cases. It's the 
certificate management that's lacking. I might not understand this well enough, this 
is what I've got from recent discussions (the one Richard Bos summarizes in the bug-
report).

What we're dealing with here, is a complex and unfortunate situation. An important 
feature in our network stack is incomplete, and we haven't been able to find someone 
to work on this. This is something that can (and does) happen in volunteer-driven 
software projects, though. Additionally, SSL code is usually pretty complex, so those 
that understand it well enough, and can implement such a feature are relatively rare 
and often already very busy.

Kind regards,
-- 
sebas

http://www.kde.org | http://vizZzion.org | GPG Key ID: 9119 0EF9


More information about the release-team mailing list