On 02/04/2010 18:25, johnjbarton wrote:
The appropriate way to address this security problem starts by contacting the major providers of server software
There's no need to contact them, they are well aware of the problem. AFAIK they have all already issued the necessary updates. It's the sites that need to catch on those updates. And web developers can have power to influence those sites to update. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto