Welcome to the Kantara Initiative working wiki. All of the Work and Discussion Group spaces are available below as well as links to events. policies and other resources.
|title||OpenSSL Vulnerability / Heartbleed Bug|
Information has been released about a new OpenSSL vulnerability (CVE-2014-0160) and we were using an affected version of OpenSSL until April 10, 2014, 10 AM PT. We have updated our servers now to the latest version of OpenSSL that includes a patch for the vulnerability, revoked the old SSL keys/certificates, and reissued new SSL certificates.
We recommend changing your account password, now - if you have an account on our the Kantara Initiative IdP (for example if you log in the Kantara Initiative wiki using the selection "Kantara Initaitve IdP ..."). To change your password please go to: https://idp.kantarainitiative.org/myaccount.php. It is highly recommended to have SSL certificate validity checks (CRL and/or OCSP) enabled in your Web browsers.
If you have any questions about this incident, please do not hesitate to contact us at staff at kantarainitative.org
ASSURANCE and CERTIFICATION
Kantara Initiative Approves CSPs and Accredits AssessorsLearn How: Assurance Accreditation and Approval Center
at Levels of Assurance 1, 2, 3 non-PKI and 4
Our Mission: To grow and fulfil the market for trustworthy use of identity and personal data.
Our Vision: To see equitable and transparent exchange of identity and personal data for mutual value
Kantara Initiative is a unique global ‘commons’ that operates conformity assessment, assurance and grant of Trust Marks against de-jure standards under its Trust Framework program whilst in parallel nurturing ‘beyond-the-state-of-the-art’ ideas and developing specifications to transform the state of digital identity and personal data agency domains.
|Recently Updated Dashboard|