Matt Palmer

As pointed out in the linked issue, that `OpenSSL::PKey::EC#public_key` returns something completeeeeeetely different from what the other `PKey` subclasses `#public_key` methods return is a ship that has probably already sailed....

I implemented this (along with a few other useful features I needed) in the `openssl-additions` gem ([source repo](https://github.com/pwnedkeys/openssl-additions)). If anything in there is considered suitable for inclusion in core, I...

Well, the thing is, what I have already implemented in `openssl-additions` works quite fine for me, and I don't have time to try and figure out what would or would...

Yes, you should absolutely use IVs generated from a cryptographically-secure random number generator for each record, and store them with the ciphertext.

I live by, "first make it work, then make it fast". I think there's enough cases where things aren't working, so I'm in favour of making things a bit slower...

Removing connection caching does not imply doing nothing to support multi-threaded use, if that is a feature Excon wants to support. For myself, I'm ambivalent on the subject of magic,...

Could the client detect that the nonce has (or is likely to have) expired, and automatically retry? At the very least, documenting how to "clear [the nonce] and fetch a...

@thaJeztah I'd be surprised if they were related; this bug's been around since at least 17.05, while I'm fairly confident #35865 is only since 17.11. At any rate, it's easy...

I've achieved this in a HTTP service by setting the log level in the logger that is created for each request (which also carries all the per-request metadata like request...

I've got to say, I was a bit surprised to find that my IPv6-enabled containers weren't having their exposed ports registered with the IPv6 address of the container. It's certainly...