Talk:Core Infrastructure Initiative
 | This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||
| |||||||||||||||||||||||||||
.svg){kind=logo}
|
 | A fact from Core Infrastructure Initiative appeared on Wikipedia's Main Page in the Did you know column on 23 May 2014 (check views). The text of the entry was as follows:
|  |
Detailed comparison of lead with sources[edit]
@Chealer: I am amazed that you are having trouble verifying the text in the lead with the citations I have provided. To help you, I am breaking down the pieces below and comparing them with the source:
| Text | Source |
|---|---|
| The Core Infrastructure Initiative (CII) is a project of the Linux Foundation to fund and support free and open-source software projects that are critical to the functioning of the Internet and other major information systems. | The Core Infrastructure Initiative is a multi-million dollar project organized by The Linux Foundation to fund open source projects that are in the critical path for core computing and Internet functions.[1] |
| The project was announced on 25 April 2014 | SAN FRANCISCO, April 24, 2014 – The Linux Foundation today announced[1] |
| in the wake of Heartbleed, a serious bug found in the OpenSSL software, | Galvanized by the Heartbleed OpenSSL crisis,[1] |
| OpenSSL is also the first software project to benefit from the initiative | The first project under consideration to receive funds from the Initiative will be OpenSSL[1] |
| after it was deemed underfunded, receiving only about $2,000 per year in donations | the OpenSSL project has in past years received about $2,000 per year in donations[1] |
| In late March, 2014 | Friday, March 21 or before - Neel Mehta of Google Security discovers Heartbleed vulnerability[2] |
| OpenSSL is free and, in theory, more secure | Companies and government agencies could have used proprietary schemes to secure their systems, but OpenSSL gave them a free and, at least in theory, more secure option[3] |
- ^ a b c d e "Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, VMware and The Linux Foundation Form New Initiative to Support Critical Open Source Projects" (Press release). The Linux Foundation. 24 April 2014.
- ^ Grubb, Ben (15 April 2014). "Heartbleed disclosure timeline: who knew what and when". The Sydney Morning Herald. Retrieved 14 May 2014.
- ^ Perlroth, Nicole (18 April 2014). "Heartbleed Highlights a Contradiction in the Web". The New York Times. Retrieved 14 May 2014.
If anything, the first sentence is guilty of close paraphrasing (I didn't write that part). None of these quotes are hard to find in the sources. If you want to help improve the article and not just cause disruption, you need to do less tagging and more reading. RockMagnetist (talk) 03:31, 18 May 2014 (UTC)
- @RockMagnetist: Thank you. Note that I only challenge doubtful parts, not the amount of donations, the definition, nor the origins from Heartbleed. I am restoring the challenges except for the one on security (sorry for missing that one). Regarding the second piece, April 24th and April 25th are different. Regarding the fourth piece, a project won't necessarily be selected just because it's under consideration. Regarding the fifth, the "March 21 or before" indication doesn't support "late March, 2014" (I am not truly challenging this one, just requesting a proper reference, since the discovery might indeed have occured in late March). --Chealer (talk) 03:55, 18 May 2014 (UTC)
- Oh, now I understand. With trivial problems like that, you could save a lot of time and confusion by just fixing them. In the lead, by the way, you had two copies of each tag.RockMagnetist (talk) 05:19, 18 May 2014 (UTC)
- The problem is to determine the fix - assume the doubtful material is wrong and perform these trivial changes, or assume it's right and try to find references.
- The 2 tags challenged different facts. I normally challenge as close to the material as possible to make that clear, but Failed verification has to go right after the failing reference, so if we have a single reference for a whole paragraph, that reference can end up with quite a few failures. --Chealer (talk) 18:19, 18 May 2014 (UTC)
- @Chealer: I know that the tags were close to the challenged facts, but I was still missing the point, as you can see from the above discussion. I think that is one reason why they say Avoid tagging articles if you can easily fix the problem (boldface theirs) at Template messages/Cleanup. If you're wrong, your change can easily be reverted; but if you're right, no further edits are needed. RockMagnetist (talk) 20:21, 21 May 2014 (UTC)
- @RockMagnetist: I try to (and usually do) come back to issues I tagged and fix if they stay unresolved for a while, assuming that the claim is wrong. But we all do errors, which is one reason why I give sourcing a chance first. --Chealer (talk) 01:57, 22 May 2014 (UTC)
- But thanks for catching them. RockMagnetist (talk) 15:21, 18 May 2014 (UTC)
Time service protocol[edit]
I found the passage related to the time service protocol. The quote is: "and the Internet Time Service protocol, which synchronizes computer times over the Internet. It is used by major financial exchanges and maintained by one developer in Maryland." The NIST Internet Time Service does originate from Maryland, but is not itself a protocol or open-source software. I was confounding it with Network Time Protocol, which is maintained by a team led by someone in Delaware. I'm not confident the original quote is accurate, so I'll just remove that passage. RockMagnetist (talk) 05:58, 18 May 2014 (UTC)
- Thanks. I had a feeling it would indeed not be about software maintenance. --Chealer (talk) 19:56, 18 May 2014 (UTC)
Resolved
Wasn't Google Inc. and another company (I forget the name, as far as I remember it was a Scandinavian one) able to check the code because it is open-source software and therefore the bug was found? 87.78.128.193 (talk) 08:02, 23 June 2014 (UTC)
Replacement by OpenSSF[edit]
According to its website, "CII has been replaced by the Open Source Security Foundation (OpenSSF)". From Wikipedia's OpenSSF article and the OpenSSF's website, it looks like this change occurred in August 2020.
I suggest the following adjustments in the article :
- turning the first sentence to the past tense : "The Core Infrastructure Initiative (CII) is a project of the Linux Foundation" -> "The Core Infrastructure Initiative (CII) was a project of the Linux Foundation"
- adding the following sentence at the end of the article's abstract : "In August 2020, the initiative's activities were transferred to the Open Source Security Foundation" (with a wikilink to the article)
More details could be provided in the article, if anyone has time to do so (I noticed that the OpenSSF's article is not very detailed either).
--37.165.134.160 (talk) 17:47, 13 January 2022 (UTC)
- C-Class Computing articles
- Low-importance Computing articles
- C-Class software articles
- Unknown-importance software articles
- C-Class software articles of Unknown-importance
- All Software articles
- C-Class Free and open-source software articles
- Low-importance Free and open-source software articles
- C-Class Free and open-source software articles of Low-importance
- All Free and open-source software articles
- All Computing articles
- C-Class Linux articles
- Low-importance Linux articles
- WikiProject Linux articles
- Wikipedia pages with to-do lists
- Wikipedia Did you know articles