Key Disclosure
37 views
Skip to first unread message
Rik Thomas
Apr 17, 2014, 6:28:04 AM4/17/14
to google-authentica...@googlegroups.com
Hi Brad
Do you think there is any possibility that servers running vulnerable versions of OpenSSL could have been leaking the user keys for TOTP code generation via heartbleed?
Cheers
Rik
Do you think there is any possibility that servers running vulnerable versions of OpenSSL could have been leaking the user keys for TOTP code generation via heartbleed?
Cheers
Rik
Brad Goodman
Apr 17, 2014, 8:00:49 AM4/17/14
to Rik Thomas, google-authentica...@googlegroups.com
No idea. Technically, I'd assume it's possible is heart bleed was leaking stack space.
Sent from my iPhone (Please excuse any typos)
Sent from my iPhone (Please excuse any typos)
--
You received this message because you are subscribed to the Google Groups "google-authenticator-apache-module" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-authenticator-ap...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages