[Box Backup] Advice for users of Debian-derived systems
affected by the OpenSSL fiasco -- assume compromise of all data
Bjarne Carlsen
boxbackup@fluffy.co.uk
Mon, 19 May 2008 14:47:14 +0200
man, 19 05 2008 kl. 13:07 +0100, skrev Matt Brown:
> What I have done in this instance is update the SSL on the affected
> server, recreate the CA and re-sign all existing clients csr.pem
> files
> and re-issue a new serverCA.pem ..
You've done exactly what was needed. As your .raw keys were generated on
a secure system, your data are safe.
You should consider the transfer itself compromised, (which is no big
deal since the transferred data were encrypted).
Bjarne