Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20141014230948.0eb7b11f.reed@reedloden.com>
Date: Tue, 14 Oct 2014 23:09:48 -0700
From: Reed Loden <reed@...dloden.com>
To: oss-security@...ts.openwall.com
Subject: Re: Truly scary SSL 3.0 vuln to be revealed soon:

On Wed, 15 Oct 2014 05:28:34 +0000
Sona Sarmadi <sona.sarmadi@...a.com> wrote:

> A reflection: Maybe we shouldn't post  information like this here or
> somewhere else which is not published yet even if the information has
> leak out? Although all members here are reliable but it is still an
> open mailing list and we should be careful and act more responsible. 

Are you saying that as a reflection on your part?

By the time you posted this morning, Twitter was already aflame with
rumors and news orgs were already starting to post them (again, all
unproven at the time), so I think it's perfectly reasonable to post here
to see what others have heard (if they aren't embargoed).

If you're talking about Hanno's reply, then by the time he posted, the
embargo was already lifted, and those were the official links to the
issue and to the associated paper.

~reed

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.