[dllthomas]

I mostly agree with this analysis - "this hole is too big for them to have sat on". Though it just occurred to me - it's possible to pick out exploit of this hole in captured encrypted traffic by examining sizes of inbound vs outbound heartbeat packets, right? In that case, with the NSA eavesdropping on everything they could possibly have been using it themselves while listening for examples of anyone else using it, which I still don't like (in terms of approval or likelihoods) but seems less flagrantly unacceptable than sitting on this and just leaving everyone's traffic and keys exposed to the world.