[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] old certificates
From: |
Nat Howard |
Subject: |
Re: [Sks-devel] old certificates |
Date: |
Tue, 29 Apr 2014 19:20:14 -0400 |
On Apr 29, 2014, at 6:52, Kiss Gabor (Bitman) <address@hidden> wrote:
> Dear all,
>
> A quick scan of certificates used by current HKPS pool members
> shows that the following servers have pre-heartbleed certificate:
>
...
> keyserver.witopia.net Nov 7 22:13:57 2013 GMT
...
> I bet at least one third of these servers is affected by
> Heartbleed Bug. :-) However I cannot figure out which of them.
> I ask everybody to declare if they did not use compromised version
> of openssl since the start of validity period of certificate.
>
> Gabor
>
Hi, Gabor — from the time keyserver.witopia.net was created, it was running an
old version of freebsd9, and thus a 0.9.8-something version of openssl, so it
was pre-heartbleed. Phew!
Let me know if you need this signed by any other alias (such as nth at witopia
dot net) and I’ll be glad to send you something direct.
- [Sks-devel] old certificates, Kiss Gabor (Bitman), 2014/04/29
- Re: [Sks-devel] old certificates, Stephan Seitz, 2014/04/29
- Re: [Sks-devel] old certificates, Benny Baumann, 2014/04/29
- Re: [Sks-devel] old certificates, Daniel Austin, 2014/04/29
- Re: [Sks-devel] old certificates,
Nat Howard <=
- Re: [Sks-devel] old certificates, Christoph Anton Mitterer, 2014/04/30
- Re: [Sks-devel] old certificates, Andrew Alderwick, 2014/04/30