[Sks-devel] old certificates

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sks-devel] old certificates

From:	Kiss Gabor (Bitman)
Subject:	[Sks-devel] old certificates
Date:	Tue, 29 Apr 2014 12:52:54 +0200 (CEST)
User-agent:	Alpine 2.02 (DEB 1266 2009-07-14)

Dear all,

A quick scan of certificates used by current HKPS pool members
shows that the following servers have pre-heartbleed certificate:

a.keyserver.pki.scientia.net            Aug  4 15:32:48 2013 GMT
key.adeti.org                           Mar  9 12:35:57 2014 GMT
key.ip6.li                              Nov  9 14:26:10 2013 GMT
keys.alderwick.co.uk                    Feb  7 18:22:08 2014 GMT
keys.fedoraproject.org                  Aug  6 08:22:21 2013 GMT
keys.sflc.info                          Oct  2 19:57:20 2013 GMT
keys2.alderwick.co.uk                   Feb  7 18:22:36 2014 GMT
keyserver.codinginfinity.com            Jan  9 21:24:09 2014 GMT
keyserver.secretresearchfacility.com    Jul  5 00:02:38 2013 GMT
keyserver.secure-u.de                   Jan 13 19:18:27 2014 GMT
keyserver.skoopsmedia.net               Nov 19 18:24:26 2013 GMT
keyserver.ut.mephi.ru                   Nov 13 12:45:02 2013 GMT
keyserver.witopia.net                   Nov  7 22:13:57 2013 GMT
klucze.achjoj.info                      Nov 13 19:37:55 2013 GMT
pgpkeys.eu                              Mar  9 12:48:04 2014 GMT
sks.fidocon.de                          Aug 31 11:22:45 2013 GMT
sks.karotte.org                         Jul  4 21:10:30 2013 GMT
sks.mrball.net                          Oct  4 22:02:56 2013 GMT
sks.undergrid.net                       Nov 14 17:52:09 2013 GMT
zimmermann.mayfirst.org                 Nov 13 20:49:36 2013 GMT

I bet at least one third of these servers is affected by
Heartbleed Bug. :-) However I cannot figure out which of them.
I ask everybody to declare if they did not use compromised version
of openssl since the start of validity period of certificate.

Gabor

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] old certificates, Kiss Gabor (Bitman) <=
- Re: [Sks-devel] old certificates, Stephan Seitz, 2014/04/29
- Re: [Sks-devel] old certificates, Benny Baumann, 2014/04/29
  - Re: [Sks-devel] old certificates, Gabor Kiss, 2014/04/29
    - Re: [Sks-devel] old certificates, Jeremy T. Bouse, 2014/04/29
- Re: [Sks-devel] old certificates, Daniel Austin, 2014/04/29
- Re: [Sks-devel] old certificates, Nat Howard, 2014/04/30
- Re: [Sks-devel] old certificates, Christoph Anton Mitterer, 2014/04/30
  - Re: [Sks-devel] old certificates, Kristian Fiskerstrand, 2014/04/30
- Re: [Sks-devel] old certificates, Andrew Alderwick, 2014/04/30

Prev by Date: Re: [Sks-devel] Configuring the reverse proxy to support large keys - HTTP error 413
Next by Date: Re: [Sks-devel] Configuring the reverse proxy to support large keys - HTTP error 413
Previous by thread: [Sks-devel] Cleaning time
Next by thread: Re: [Sks-devel] old certificates
Index(es):
- Date
- Thread