Just a quick update about the Hearbleed Bug issue: Because of this OpenSSL
vulnerability (CVE-2014-0160) it was theoretically possible for an attacker
to recover our servers' private keys. As a precaution we have revoked all
old SSL keys/certificates on our servers and have reissued and installed
new SSL certificates.
Thanks,
Oliver
On Thu, Apr 10, 2014 at 11:54 PM, Oliver Maerz wrote: Information has been released about a new OpenSSL vulnerability
(CVE-2014-0160) and we were using an affected version of OpenSSL until
today - April 10, 2014, 10 AM PT. We have updated our servers now to the
latest version of OpenSSL that includes a patch for the vulnerability. We recommend changing your account password, now - if you have an account
on our the Kantara Initiative IdP (for example if you log in the Kantara
Initiative wiki using the selection "Kantara Initaitve IdP ..."). To change
your password please go to:
https://idp.kantarainitiative.org/myaccount.php If you have any questions about this incident, please do not hesitate to
contact us at staff@kantarainitative.org Thanks,
Oliver --
*Oliver Maerz*
External Consultant *Kantara Initiative*
+1 (503) 468-4188
oliver (at) kantarainitiative.org
http://www.kantarainitiative.org The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s) and
may contain confidential or privileged information. No representation is
made on its accuracy or completeness of the information contained in this
electronic message. Certain assumptions may have been made in the
preparation of this material as at this date, and are subject to change
without notice. If you are not the intended recipient, you are hereby
notified that any dissemination, distribution or copying of this e-mail and
any attachment(s) is strictly prohibited. Please reply to Oliver Maerz and
destroy all copies of this message and any attachments from your system. --
*Oliver Maerz*
External Consultant
*Kantara Initiative*
+1 (503) 468-4188
oliver (at) kantarainitiative.org
http://www.kantarainitiative.org
The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain confidential or privileged information. No representation is made
on its accuracy or completeness of the information contained in this
electronic message. Certain assumptions may have been made in the
preparation of this material as at this date, and are subject to change
without notice. If you are not the intended recipient, you are hereby
notified that any dissemination, distribution or copying of this e-mail and
any attachment(s) is strictly prohibited. Please reply to Oliver Maerz and
destroy all copies of this message and any attachments from your system.