I don’t think it was clear, but thanks for the insight.

Was WolfSSL forced upon Elixir or Erlang? Did they purchase it and received a defective product? Are they held hostage by WolfSSL’s decisions? Are they not allowed to modify WolfSSL as needed themselves?

I fail to see any victims beyond perhaps the WolfSSL maintainers for having to suffer such entitlement.

The lib is (AIUI) a client library, meaning that it will fail to communicate with an HTTPS-enabled, WolfSSL) server, ostensibly because the WolfSSL isn’t SOEC-compliant.

You explicitly modeled the situation so that no victims can exist, so please do spare people from the autofellatious poetic questions and remarks about how you fail to see any victims.

> Was WolfSSL forced upon Elixir or Erlang?

Yes actually, and upon others, that's how computer networking works. Did you read the blogpost by the way? Even just the beginning? Really doesn't seem like it.

Hint: there's a reason the word "middlebox" is mentioned 16 times in there, and that the word "server" is mentioned another 6 more.

> Did they purchase it and received a defective product?

They did not purchase a copy, WolfSSL distributed them one for free. The blogpost author did identify the product as defective however, as it allows for and defaults to spec-noncompliant behavior. It stands to reason that this then affects WolfSSL's paying customers (and their downstream customers) too, who might be unknowingly operating or interacting with spec-noncompliant services as a result.

Will people need to read out the whole article for you?

> Are they held hostage by WolfSSL’s decisions?

Yes, and so are others, that's (still) how computer networking works.

> Are they not allowed to modify WolfSSL as needed themselves?

What would they do with it? Put it on a USB stick and stick it up their ass?

> for having to suffer such entitlement

Are you really one to take issue with another person's behavior after this power tantrum?