[Openid-specs-ab] New MITM bug of OpenSSL

Nat Sakimura sakimura at gmail.com
Thu Jun 5 17:28:56 UTC 2014

One of our WG member company, Lepidum, found a serious bug on OpenSSL.
It affects all OpenSSL versions to date except for the newest ones, which
were fixed after CVE was filed.

for details.

Since OpenID Connect relies on TLS for its security, I think this is a
relevant information, so I am posting it here besides my Fb and Twitter


Nat Sakimura (=nat)
Chairman, OpenID Foundation
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140606/1d1ae889/attachment.html>

More information about the Openid-specs-ab mailing list