9 Apr
2014
9 Apr
'14
12:36 p.m.
On Wed, Apr 9, 2014 at 5:49 AM, Roger Dingledine <arma@mit.edu> wrote: [...]
Anybody have a plan 3?
Update the client and server code to explicitly blacklist the old signing keys, and design a better key revocation mechanism for the next time, in case there is a next time? -- Nick