Re: HackFest Series: OpenSSL, MD5, CA security flaws

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: James Lee Bell
Date:  
To: Main PLUG discussion list
Subject: Re: HackFest Series: OpenSSL, MD5, CA security flaws
I know my company sure as heck did. When all our feeds got the news on
the 30th, we were digging through all of our own certs ensuring we
didn't have an issue there. Then pushing plans to the server guys to
start looking at OpenSSL upgrades soon as they came out.

All of the certs/listed CA's that are embedded in the browsers by the
vendors are another matter entirely. Does one go overboard and rip out
the cert for every one that isn't using RSA hash, or wait for the b
browser vendors with baited breath and crossed fingers?

Lisa Kachold wrote:
> I just talked with two admins from a well known solutions provider who
> didn't know anything about these issues?
>
> Is anyone taking this seriously?
>

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss