dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
40
ke4pym
Premium Member
join:2004-07-24
Charlotte, NC

ke4pym

Premium Member

Karl, it's great that dslreports is patched - but ...

you've not replaced your keys (read: SSL certificate) and you're still vulnerable.

Keys hosted on vulnerable OpenSSL versions should be considered compromised and replaced immediately.

mackey
Premium Member
join:2007-08-20

mackey

Premium Member

said by ke4pym:

you've not replaced your keys (read: SSL certificate) and you're still vulnerable.

Keys hosted on vulnerable OpenSSL versions should be considered compromised and replaced immediately.

I'm now seeing a new cert signed 4/9/14 5:05:04 PM.

Unfortunately the server's only offering me DHE-RSA-AES128-SHA so no PFS (which would mitigate even a compromised private key).

/M