Welcome! Log In Create A New Profile

Re: OpenSSL leaks server-Keys / The Heartbleed Bug

Forum List Message List New Topic Print View

Jim Ohlstein

April 11, 2014 12:36PM

Admin
Registered: 15 years ago
Posts: 574

Hello,

On 4/11/14, 12:11 PM, Valentin V. Bartenev wrote:
> "Answering the Critical Question: Can You Get Private SSL Keys Using Heartbleed?"
> @ http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed
>

Thanks for the link. On a quick read it seems their conclusion is that
while it is *extremely* unlikely that your private key(s) was/were
stolen using nginx, you should still re-key and revoke. While
comforting, not really of any great practical help.

Nice that CloudFlare (and no doubt others) received significant advance
warning while the rest of us were left vulnerable. Just sayin...

--
Jim Ohlstein

"Never argue with a fool, onlookers may not be able to tell the
difference." - Mark Twain

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
OpenSSL leaks server-Keys / The Heartbleed Bug	mex	April 08, 2014 06:50AM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	mex	April 08, 2014 06:18PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Raul Hugo	April 08, 2014 06:24PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	B.R.	April 08, 2014 07:02PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Maxim Konovalov	April 09, 2014 05:24AM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	mex	April 09, 2014 02:47PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Valentin V. Bartenev	April 11, 2014 12:12PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Jim Ohlstein	April 11, 2014 12:36PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Philipp	April 11, 2014 12:42PM
RE: OpenSSL leaks server-Keys / The Heartbleed Bug	Lukas Tribus	April 12, 2014 07:16AM
Re: RE: OpenSSL leaks server-Keys / The Heartbleed Bug	itpp2012	April 14, 2014 03:03PM
Re: RE: OpenSSL leaks server-Keys / The Heartbleed Bug	Maxim Dounin	April 15, 2014 07:44AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 143

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018