by peterwwillis
4455 days ago
This proposal has nothing to do with the current vuln. Heartbleed lets you use the negotiation/handshake to read all the memory on the server. It has nothing to do with certs at all. Revoking a cert just means you're closing the exposure after the fact; it's not really preventing disaster, more like mopping up after it.

The point of the article was more saying that revoking certs is not sufficient, and we need better procedures in place to prevent disaster when problems of this nature occur.