by geographomics 4145 days ago
> After Heartbleed however, when presented with a huge list of compromised certificates

Possibly compromised. That's why it was the subscriber's choice, to decide in the balance of probabilities whether to revoke or not.

It's not like the Debian weak keys flaw where there was absolute proof of the private key being compromised - a database of all the possible keys (at standard lengths) was generated. In that case, StartSSL revoked the certificates automatically and free of charge.