Title Donors, takers size up free open source certificate support
Date 2005.03.04 13:00
Author Jay Lyman
By offering free SSL certificates to open source projects, domain registrar GoDaddy.com is asking, "Will the real open source please stand up?"
We thought it might be interesting to see what kind of response GoDaddy got, what it is doing to filter out the open source noise from the truly open source projects, and what it really takes to cash in on open source authenticity to score a free Turbo SSL Certificate from the Arizona company. Conversely, what must open source projects do to take advantage of this kind of free support -- whether it be SSL certs, hosting, or other services that can put more time and energy back on the code -- without compromising any control?
Open source Daddy
GoDaddy president and founder Bob Parsons told NewsForge that after a week of being online, the free SSL cert offer had brought in 80 responses, and not all of them open source.
"We've had some interesting applications," Parsons said. "We've had some applications from companies that do not qualify, some e-commerce sites or personal sites that have used open source, but are not themselves open source, but I'd say they've been the minority."
Among the legitimate applicants have been prominent open source projects including Mambo, Perl, Stunnel, and others, according to Parsons.
He said his company, which competes in the domain game against the entrenched and larger VeriSign, confirms that a project is truly open source largely by using the main FOSS repositories: SourceForge, freshmeat, and OSI.
In addition, Parsons said, GoDaddy digs for the right open source licenses, and the company's people talk to the free SSL applicants. GoDaddy, which promises certs "within minutes," also issues its certifications in connection with a registered and valid domain name that matches official whois registration via email, Parsons said.
While Parsons blogged about the open source movement as "one of the very best things to happen for personal computer users worldwide," the GoDaddy chief said he viewed the SSL cert offer as support and a form of "giving back," considering all of the open source software his company uses.
"We use open source in our own systems for Linux hosting, value applications, and open source security tools like Nessus and Sniffer," he said. "We believe that open source developers are truly contributing to innovation, and we want to contribute to that."
While he would not provide details on his mention of "a little more later" from GoDaddy on open source, Parsons did volunteer that the free Turbo SSL Certificates for open source projects would come with free renewal for the life of the project, provided that life remains open source.
"Our intention is to renew them [for free] as long as the project continues," he said.
It all comes down to the code
Well-known PHP Web applications framework binarycloud was among the first takers of the free SSL certs from GoDaddy, and the open source project's founder and president, Alex Black, said its need for a wildcard certification was quickly and easily addressed with the freebee.
Black, whose project also takes advantage of donated hosting from Aktiom Networks, said it is fairly simple what qualifies an open source project.
"In general, you need to make sure the code exists," Black told NewsForge. "Where's the public CVS? It's really about the code and the community around it. Where is it?"
Although Black highlighted the value of the main open source repositories -- SourceForge, Tigris, and others -- he also indicated the value of a project earning its own domain and overall presence while maintaining some presence on the traditional networks. Black said in putting together the puzzle of mailing list, bug tracking, wiki, security, and other pieces, open source projects face a maze of "shit software or bad policies."
"It's really about flexibility," he said. "The services are out there, but they really don't properly solve [a complete solution], yet," he said.
Black pointed out that when free and open source software projects are receiving free support from corporations, they must be wary of the strings that are sometimes attached.
GoDaddy, for example, wanted to put up a logo that was "more like an ad" on the binarycloud Web site, Black said. But GoDaddy proved flexible, because it agreed to scale back the logo to an actual logo.
"GoDaddy was fast to respond and they were cool about it," he said, adding that other support opportunities he has pursued were not as gracious, asking the open source developer, "What's in it for us?"
Nevertheless, Black said there are ample opportunities for open source projects to take their attention off the machines and back on the code. On the whole, he said, most open source projects are aware of such support and take advantage of it. Black said it was the providers of such free support that typically bear more burden than the projects which take advantage of them.
"We can go elsewhere," he said. "For them, they're taking something semi-commercial and offering it for free."
1. "free SSL certificates" - https://www.godaddy.com/gdshop/ssl/ssl_opensource.asp?se=%2B
2. "Mambo" - http://mamboserver.com/
3. "Perl" - http://www.perl.org/
4. "Stunnel" - http://stunnel.mirt.net/
5. "SourceForge" - http://sourceforge.net/index.php
6. "freshmeat" - http://freshmeat.net/
7. "OSI." - http://www.opensource.org/
8. "blogged" - http://bobparsons.com/FreeAntiSpywareGoDaddyProvidesFreeSSLCertsToOpenSourceProjectst.html
9. "binarycloud" - http://www.binarycloud.com/
10. "Aktiom Networks" - http://www.aktiom.net/
11. "Tigris" - http://www.tigris.org/