Hi Barry. How would the private keys be exposed? The pub/priv computation is done locally, right?
BTW: All node servers are secure due to their ssl config turning off the "heartbeat" option. NodeWeekly: Node 0.8.x and 0.10.2+ Not Vulnerable to Heartbleed Issue<http://nodeweekly.us1.list-manage1.com/track/click?u=0618f6a79d6bb9675f313ceb2&id=48089106bd&e=5de03852bb> -- Popular Node versions aren't exposed to the Heartbleed vulnerability<http://nodeweekly.us1.list-manage.com/track/click?u=0618f6a79d6bb9675f313ceb2&id=f4a4a00af1&e=5de03852bb> as the heartbeat extension was turned off in a Node commit a year ago. Yay. *GITHUB* -- Owen On Thu, Apr 10, 2014 at 9:51 AM, Barry MacKichan < [email protected]> wrote: > It is a major PITA. Certificates on affected servers (which include Amazon > EC2 Linus servers) may have had their private keys exposed, so certificates > have to be reissued with different keys. This is, apparently, a major > bottleneck. > > --Barry > > > > > On 9 Apr 2014, at 21:23, Owen Densmore wrote: > > Worth knowing about: >> >> http://www.washingtonpost.com/news/morning-mix/wp/2014/04/ >> 09/major-bug-called-heartbleed-exposes-data-across-the-internet/ >> >> Pretty serious crypto flaw. >> >> [image: Inline image 1] >> -- Owen >> >> [image.png] >> >> ============================================================ >> FRIAM Applied Complexity Group listserv >> Meets Fridays 9a-11:30 at cafe at St. John's College >> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com >> > > ============================================================ > FRIAM Applied Complexity Group listserv > Meets Fridays 9a-11:30 at cafe at St. John's College > to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com >
============================================================ FRIAM Applied Complexity Group listserv Meets Fridays 9a-11:30 at cafe at St. John's College to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
