I can understand Troy's rationale, but I would prefer someone else than the .NET Foundation. The foundation should focus on .NET and not be a kitchen sink of everything written in .NET.
I think this is a good partnership. One of the goals of open source software foundations is to eliminate risks due to dependency on a small developer team. In this case, HIBP is a fantastic resource being maintained, and paid for, by one developer. That's not good for the maintainer, it's not good for the community, and it's risky to the community. If the sole developer wins a spot on the next flight to Mars or time travels to A.D. 802,701, the code becomes unmaintained and the site hosting payment expires. Software foundations governed by rotating teams and aren't dependant on a single individual. This is an example of something that's relatively low investment for an established software foundation - some legal fees and discounted cloud hosting from a sponsor - and benefits the whole community.
Issue is that .net is a language oriented foundation, not a cyber security one. Sending the project there looks like an ad for a Microsoft initiative and not something done with the best interest of HIBP in mind. Just an example, there is foundation literally called Open Source Security Foundation.1 If I write a python security tool and it is useful for the community, I'd think first of transferring it to them, not to the Python foundation.
Hi Jon, ... it is definitely a good thing for the project to be guarded by more than Troy's private money and legal situation. I do not disagree on these benefits. It is more about the focus of the foundation.
