Heartbleed attack on Openssl
fmv1992 at gmail.com
Thu Apr 10 01:53:28 CEST 2014
Thanks everyone for the quick and complete feedback. New questions arose:
1) Firefox uses NSS instead of OpenSSL. Still it can communicate with a
OpenSSL based server (say X) and thus the browser's type is irrelevant. The
communication between browser and X could be eavesdropped. Is that correct?
2) If the first answer is yes, only the X service credentials/data could be
stolen or does that compromis the whole browser session (e.g.:
communication browser - service Y and browser - service Z)?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users