Welcome to the Kantara Initiative working wiki. All of the Work and Discussion Group spaces are available below as well as links to events. policies and other resources.
Information has been released about a new OpenSSL vulnerability (CVE-2014-0160) and we were using an affected version of OpenSSL until April 10, 2014, 10 AM PT. We have updated our servers now to the latest version of OpenSSL that includes a patch for the vulnerability, revoked the old SSL keys/certificates, and reissued new SSL certificates.
We recommend changing your account password, now - if you have an account on our the Kantara Initiative IdP (for example if you log in the Kantara Initiative wiki using the selection "Kantara Initaitve IdP ..."). To change your password please go to: https://idp.kantarainitiative.org/myaccount.php. It is highly recommended to have SSL certificate validity checks (CRL and/or OCSP) enabled in your Web browsers.
If you have any questions about this incident, please do not hesitate to contact us at staff at kantarainitative.org