Heartbleed Update v3

[daeken]

For what it's worth, I think that the patch you guys threw out there (and have been using for a while) is a great idea, and I really hope it ends up in mainline OpenSSL. I think you guys have acted 100% properly from a tech perspective in this whole thing, even if a bug did pop up (when do they not?).

I disagree strongly with the business decision made w.r.t. keys, but I hope people don't take that as me ragging on the tech team over there; you guys are doing good work.

[anonymouse01]

How do you know the business team didn't ask the tech team:

"Should we rotate all the keys?"

And someone said: "Nope, we wrote this awesome custom allocator in 2001, all good!".

FWIW, we're still waiting for our cert to be reissued by Akamai. It's only been 6 days since everyone else reissued their certs. Great job team!