Yes, and 'most people' are distracting us from discussing the future: how can a refactoring of the OpenSSL codebase, aimed to improve understandability (which implies improved security) be organized?
There will need to be many rounds of small incremental improvements. Who could propose these steps? Who can lead the process, how could contributions be vetted? This is a huge challenge, but unless people start thinking about it and proposals are made, it just won't happen and nothing will change. Just thinking about setting up such a projects boggles the mind, which would like nothing better than to go back to bikeshedding.
There will need to be many rounds of small incremental improvements. Who could propose these steps? Who can lead the process, how could contributions be vetted? This is a huge challenge, but unless people start thinking about it and proposals are made, it just won't happen and nothing will change. Just thinking about setting up such a projects boggles the mind, which would like nothing better than to go back to bikeshedding.