There have been a number of cases where implementations of a W3C standard relied on a single shared open source implementation of the underlying library.
Having a shared implementation reduces the cost of deploying the said technology, and helps remove some interoperability challenge. But it also removes some of the benefits that having multiple independent implementations provide in terms of:
making sure the spec is clear & complete - having different people/teams try to use the same text to produce software that behaves the same way brings greater confidence that the spec is robust
when a single code base is used, it creates a single point of failure: this can manifest itself through security bugs that affect all implementations at once (e.g. heartbleed with openssl), but more generally, it raises possible worries in terms of maintenance and in terms of room for innovation/competition
This issue serves as a meta issue to collect what additional considerations may be relevant around that situation and link more detailed discussion/issues on points that emerge.
There have been a number of cases where implementations of a W3C standard relied on a single shared open source implementation of the underlying library.
Having a shared implementation reduces the cost of deploying the said technology, and helps remove some interoperability challenge. But it also removes some of the benefits that having multiple independent implementations provide in terms of:
This issue serves as a meta issue to collect what additional considerations may be relevant around that situation and link more detailed discussion/issues on points that emerge.