Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?

To: info@artikel-140.nl
Cc: bsod <bsod@zom.bi>, Debian <debian-security@lists.debian.org>
Subject: Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
From: Jeremie Marguerie <jeremie@marguerie.org>
Date: Wed, 9 Apr 2014 15:27:42 +0200
Message-id: <[🔎] CAKS89Gr-f8RTZ7aFpsQ4cxhf1ung0p860WWb=rKucYtvryGLZg@mail.gmail.com>
In-reply-to: <[🔎] 20140409131404.DD3311DC@bendel.debian.org>
References: <[🔎] slrnlk87b1.frm.fredrik@biggles.jonson.org> <[🔎] li3868$q27$1@ger.gmane.org> <[🔎] cd338aaf511bed43638be1ac3f6a9ccb@zom.bi> <[🔎] 201404091338.29845.vladislav.kurz@webstep.net> <[🔎] 20140409131404.DD3311DC@bendel.debian.org>

Yes the private keys can be compromised, but the perfect secrecy
should ensure that unless someone was doing an active MITM and had the
private key, the communications were safe.

On Wed, Apr 9, 2014 at 3:06 PM, Artikel-140 <info@artikel-140.nl> wrote:
> Hi,
>
> If Perfect Forward Secrecy is enabled, it there still a change that the
> private keys are compromised? This is the hole point about PFS, right?
>
> Grtz,
>
>
> On 04/09/2014 02:15 PM, bsod wrote:
>> Am 2014-04-09 13:38, schrieb Vladislav Kurz:
>>> So, why does openssh-server depend on libssl ?
>> oh... my bad, searched for dependencies openssl instead of libssl.
>>
>> However, it still does not use TLS and is therefore not concerned by
>> bugs in the heartbeat extension to it.
>>
>> Kind regards,
>>
>> Chris
>>
>>
>
>
> --
>
>
> --
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 20140409131404.DD3311DC@bendel.debian.org">https://lists.debian.org/[🔎] 20140409131404.DD3311DC@bendel.debian.org
>



-- 
Jérémie MARGUERIE

Reply to:

Follow-Ups:
- Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
  - From: "Bernhard R. Link" <brlink@debian.org>

References:
- DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
  - From: Fredrik Jonson <fredrik@jonson.org>
- Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
  - From: Rob van der Putten <rob@sput.nl>
- Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
  - From: bsod <bsod@zom.bi>
- Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
  - From: Vladislav Kurz <vladislav.kurz@webstep.net>
- Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
  - From: Artikel-140 <info@artikel-140.nl>

Prev by Date: Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
Next by Date: Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
Previous by thread: Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
Next by thread: Re: DSA 2896-2 openssl - Apache 2 not detected as service to restart by postinst?
Index(es):
- Date
- Thread