diff options
| -rw-r--r-- | changes/bug11464_023 | 2 | ||||
| -rw-r--r-- | src/or/routerlist.c | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/changes/bug11464_023 b/changes/bug11464_023 index a9cd658ab..80c04b21e 100644 --- a/changes/bug11464_023 +++ b/changes/bug11464_023 @@ -1,5 +1,5 @@ o Major features (security): - - Block every authority signing key that was used on an authority + - Block authority signing keys that were used on an authorities vulnerable to the "heartbleed" bug in openssl (CVE-2014-0160). (We don't have any evidence that these keys _were_ compromised; we're doing this to be prudent.) Resolves ticket 11464. diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 7cbf6eff1..a7968beca 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -460,9 +460,9 @@ authority_cert_dl_failed(const char *id_digest, int status) static const char *BAD_SIGNING_KEYS[] = { "09CD84F751FD6E955E0F8ADB497D5401470D697E", // Expires 2015-01-11 16:26:31 -// dizum still needs to rotate as of 2014-04-04 +// dizum still needs to rotate as of 2014-04-14 //"0E7E9C07F0969D0468AD741E172A6109DC289F3C", // Expires 2014-08-12 10:18:26 -// dannenberg still needs to rotate as of 2014-04-04 +// dannenberg still needs to rotate as of 2014-04-14 //"57B85409891D3FB32137F642FDEDF8B7F8CDFDCD", // Expires 2015-02-11 17:19:09 "87326329007AF781F587AF5B594E540B2B6C7630", // Expires 2014-07-17 11:10:09 "98CC82342DE8D298CF99D3F1A396475901E0D38E", // Expires 2014-11-10 13:18:56 |