tor/changes/bug11464_023
Nick Mathewson 50ad393924 Code to blacklist authority signing keys
(I need a list of actual signing keys to blacklist.)
2014-04-14 17:57:39 -04:00

6 lines
302 B
Plaintext

o Major features (security):
- Block every authority signing key that was used on an authority
vulnerable to the "heartbleed" bug in openssl (CVE-2014-0160).
(We don't have any evidence that these keys _were_ compromised;
we're doing this to be prudent.) Resolves ticket 11464.