Thanks for the Wikipedia link. Just wanted to point out that the link identifies more than two ways to fund public goods.
In particular, I'd like to point out the "Privileged group" solution, which can occur when some individuals or organisations obtain enough personal benefit from a public good that they're basically willing to fund the good themselves, even if others are free riding. Many organisations obtain enough personal benefit from secure communications that it's worth it for them to contribute to OpenSSL.
There are lots of other ways of encouraging funding too. Hacker News is one place where the community constructs social norms around open source contributions.
The Privileged Group case is more-or-less the informal handshake equivalent of assurance contracts, and the altruism/social status option doesn't quite seem to cut it for critical infrastructure like crypto libraries, unfortunately. But thanks for pointing those out!
In particular, I'd like to point out the "Privileged group" solution, which can occur when some individuals or organisations obtain enough personal benefit from a public good that they're basically willing to fund the good themselves, even if others are free riding. Many organisations obtain enough personal benefit from secure communications that it's worth it for them to contribute to OpenSSL.
http://en.wikipedia.org/wiki/Public_good#Privileged_group
There are lots of other ways of encouraging funding too. Hacker News is one place where the community constructs social norms around open source contributions.
http://en.wikipedia.org/wiki/Public_good#Social_norms