OpenSSL is a globally distributed cryptography library touching nearly every industry in the world.
In 2023 OpenSSL was granted $127,000 for the purpose of assessments that will be performed by teams of Trail of Bits security consultants for a total of eight engineer-weeks of effort. The secure code review, including fuzzing enhancements, will be performed over a four calendar-week period, for a total of eight engineer-weeks.
This is largely unclear. In particular, please clarify:
What does "globally distributed" mean?
What type of dollars does "$" designate?
What will the scope be? Is it a review (assessments), or does it actually include enhancements?
The entry for OpenSSL in the Alpha grant recipients for 2023 reads:
This is largely unclear. In particular, please clarify: