Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
higherpurpose
on May 14, 2014
|
parent
|
context
|
favorite
| on:
Many sites reusing Heartbleed-compromised private ...
Maybe they should just be advised to use PFS/ECDHE instead (which should be done anyway), and it would solve this problem by itself.
sdevlin
on May 14, 2014
|
next
[–]
That would not solve the problem of active man-in-the-middle attacks.
mobiplayer
on May 14, 2014
|
prev
[–]
Yes, even renewing your keys and certs doesn't mean any previous communication is not compromised :)
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: