Future of SG2: Request for comments

Hi Community,

I’m Jochen Kressin, CTO of floragunn UG. First of all, thank you for your interest in SearchGuard! As you already know we took over the project last year and to be honest, we were a little bit overwhelmed with the traction SearchGuard gained! Since there have already been rumours about the project being dead :wink: I’d like to share our plans for SG with you.

At the moment we’re working hard on SG2, and hope to release a stable version soon. SG2 is a rewrite of SG1, and will bring new features, such as a simplified configuration management, and also many security improvements. We decided to split the project into SearchGuard, and SearchGuard SSL. As the name implies, the latter provides the SSL-layer, and is the foundation of SG.

We decided to take the project to the next level with the release of SG2 while at the same time slowly fading out the development for SG1. We will dedicate substantially more time and resources for SG2 in 2016, and provide new releases and support on a regular basis. We think SG really deserves this!

Besides that we also need to find ways to fund the project. While all core features of SG will remain free (as in free beer) and open source, we are planning to offer commercial support for enterprises, and also think of charging for some of the enterprise-level authentication modules, such as Kerberos or LDAP. However, we will definitely not charge on a per-node basis, since we think in times of cloud computing and auto scaling this model is not appropriate.

Here’s where we need your help: We really want to make sure that our plans for financing the project make sense, and do not harm SG or the open source community. We put together a simple survey to better understand how and for which kind of projects you are using SG.

If you can spare a couple of minutes, we would really appreciate your feedback: https://www.surveymonkey.com/r/QG23TGM

You can also drop me an email with your thoughts on our plans: jkressin@floragunn.com.

Thanks very much!

Jochen

···

Jochen Kressin

CTO

floragunn UG (haftungsbeschränkt)

Tempelhofer Ufer 16

10963 Berlin

Geschäftsführung: Claudia Kressin

Amtsgericht Charlottenburg HRB 147010

USt-IdNr.: DE287373363

Hey Guys,

I just want to say thank you for all the feedback we got! This really helps us a lot in deciding on an appropriate model for financing the project. BTW: We will release a new (and proper) version of the SG SSL doc next week, and place it in its own github repo. So, if anyone wants to contribute, feel free to fork and send your pull requests. Updated docs for SG2 will follow soon!

Thanks,

Jochen

···

Jochen Kressin

CTO

floragunn UG (haftungsbeschränkt)

Tempelhofer Ufer 16

10963 Berlin

Geschäftsführung: Claudia Kressin

Amtsgericht Charlottenburg HRB 147010

USt-IdNr.: DE287373363

Am Donnerstag, 25. Februar 2016 14:53:49 UTC-3 schrieb Jochen Kressin:

Hi Community,

I’m Jochen Kressin, CTO of floragunn UG. First of all, thank you for your interest in SearchGuard! As you already know we took over the project last year and to be honest, we were a little bit overwhelmed with the traction SearchGuard gained! Since there have already been rumours about the project being dead :wink: I’d like to share our plans for SG with you.

At the moment we’re working hard on SG2, and hope to release a stable version soon. SG2 is a rewrite of SG1, and will bring new features, such as a simplified configuration management, and also many security improvements. We decided to split the project into SearchGuard, and SearchGuard SSL. As the name implies, the latter provides the SSL-layer, and is the foundation of SG.

We decided to take the project to the next level with the release of SG2 while at the same time slowly fading out the development for SG1. We will dedicate substantially more time and resources for SG2 in 2016, and provide new releases and support on a regular basis. We think SG really deserves this!

Besides that we also need to find ways to fund the project. While all core features of SG will remain free (as in free beer) and open source, we are planning to offer commercial support for enterprises, and also think of charging for some of the enterprise-level authentication modules, such as Kerberos or LDAP. However, we will definitely not charge on a per-node basis, since we think in times of cloud computing and auto scaling this model is not appropriate.

Here’s where we need your help: We really want to make sure that our plans for financing the project make sense, and do not harm SG or the open source community. We put together a simple survey to better understand how and for which kind of projects you are using SG.

If you can spare a couple of minutes, we would really appreciate your feedback: https://www.surveymonkey.com/r/QG23TGM

You can also drop me an email with your thoughts on our plans: jkressin@floragunn.com.

Thanks very much!

Jochen

Jochen Kressin

CTO

floragunn UG (haftungsbeschränkt)

Tempelhofer Ufer 16

10963 Berlin

Geschäftsführung: Claudia Kressin

Amtsgericht Charlottenburg HRB 147010

USt-IdNr.: DE287373363