Stefan Esser quits security@php.net
December 9th, 2006 | by admin | suraski.netYesterday, I had a heated debate with Stefan Esser, one of the most active people (if not the most active person) in the field of PHP security. I told him that I, as well as a lot of other contributors to the PHP project, are at odds with the way he’s behaving; While at the same time appreciating the highly skilled job he’s doing for PHP.
Unfortunately, Stefan decided to call it quits and from a blog post on his web site, it appears he’ll now attempt to become even more aggressive, do his best to ignore the best interests of PHP by disclosing unpatched holes, and in general trying to expose as many security holes in PHP. That was not my intention when I truthfully told him what I (and many more) feel about the style of his involvement.
Since Stefan is obviously not listening to me, I think it may help if people who feel his behavior is inappropriate go to his blog and submit their thoughts, or send him emails. Do that in a responsible and appropriate language, though. Maybe if he sees it’s not just me he’ll reconsider.
