[sendob]

I don't think you understand the nature of the problem if you think no action by customers was required.

I think the response from amazon was fine and they are clearly not amateurs technically, communication was very poor.

[eknkc]

They managed to do everything they could without customer involvement. The rest (retiring keys and stuff) can not be handled by them due to nature of the problem.

Now that the technical issue has been resolved by other smart people, I'm gonna replace our cert keys and be just fine.

[copergi]

>The rest (retiring keys and stuff) can not be handled by them due to nature of the problem.

And they actively refused to let people know when they were safe to do that. That is the problem.

[jdmichal]

I would think the post stating that "All ESBs are now patched" was that message, no? Before that post, you were not safe. After that post, you were.

[copergi]

Yes, and "sit there refreshing a page over and over waiting to see if they update it because they refuse to even give you a hint of when they expect to be done" is not acceptable.

[jdmichal]

Oh, so you mean like the update before that read "expect them to be updated in the next few hours"?

http://blog.opbeat.com/posts/amateur-hour-at-aws/few-hours.p...

I want to be clear here that there are plenty of arguments to be made here, but you are not making them.

[copergi]

Yes, that is not good enough, and it was already over a day into their complete lack of communication. Just because you don't agree with it, doesn't mean it is not an argument. I would expect a company of amazon's size to give customers precise and useful info. Not a vague "should be done in a few hours" after a day of silence.

[chris_wot]

Agreed. I'm seeing a lot of people here saying "The service is great - we didn't have to do anything!". Sure hope someone tells those people to re-key their certificates at some point.