[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sks-devel] old certificates
From: |
Kiss Gabor (Bitman) |
Subject: |
[Sks-devel] old certificates |
Date: |
Tue, 29 Apr 2014 12:52:54 +0200 (CEST) |
User-agent: |
Alpine 2.02 (DEB 1266 2009-07-14) |
Dear all,
A quick scan of certificates used by current HKPS pool members
shows that the following servers have pre-heartbleed certificate:
a.keyserver.pki.scientia.net Aug 4 15:32:48 2013 GMT
key.adeti.org Mar 9 12:35:57 2014 GMT
key.ip6.li Nov 9 14:26:10 2013 GMT
keys.alderwick.co.uk Feb 7 18:22:08 2014 GMT
keys.fedoraproject.org Aug 6 08:22:21 2013 GMT
keys.sflc.info Oct 2 19:57:20 2013 GMT
keys2.alderwick.co.uk Feb 7 18:22:36 2014 GMT
keyserver.codinginfinity.com Jan 9 21:24:09 2014 GMT
keyserver.secretresearchfacility.com Jul 5 00:02:38 2013 GMT
keyserver.secure-u.de Jan 13 19:18:27 2014 GMT
keyserver.skoopsmedia.net Nov 19 18:24:26 2013 GMT
keyserver.ut.mephi.ru Nov 13 12:45:02 2013 GMT
keyserver.witopia.net Nov 7 22:13:57 2013 GMT
klucze.achjoj.info Nov 13 19:37:55 2013 GMT
pgpkeys.eu Mar 9 12:48:04 2014 GMT
sks.fidocon.de Aug 31 11:22:45 2013 GMT
sks.karotte.org Jul 4 21:10:30 2013 GMT
sks.mrball.net Oct 4 22:02:56 2013 GMT
sks.undergrid.net Nov 14 17:52:09 2013 GMT
zimmermann.mayfirst.org Nov 13 20:49:36 2013 GMT
I bet at least one third of these servers is affected by
Heartbleed Bug. :-) However I cannot figure out which of them.
I ask everybody to declare if they did not use compromised version
of openssl since the start of validity period of certificate.
Gabor
- [Sks-devel] old certificates,
Kiss Gabor (Bitman) <=
- Re: [Sks-devel] old certificates, Stephan Seitz, 2014/04/29
- Re: [Sks-devel] old certificates, Benny Baumann, 2014/04/29
- Re: [Sks-devel] old certificates, Daniel Austin, 2014/04/29
- Re: [Sks-devel] old certificates, Nat Howard, 2014/04/30
- Re: [Sks-devel] old certificates, Christoph Anton Mitterer, 2014/04/30
- Re: [Sks-devel] old certificates, Andrew Alderwick, 2014/04/30