really ? As a matter of fact it was notified though :)
-
-
-
They claim the contrary (https://twitter.com/gnupg/status/995936684213723136?s=21 …) also details got out way before the 24-ish embargo date. The outcome is objectively a little bit of a mess wouldn’t you say? Disclosure is hard, been there...done that (oCERT).
-
They claim that but then they wrote they have been indeed contacted https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060320.html …. The outcome is yes a mess. Paper is cute though
-
Indeed, the results are neat and is rather embarrassing they the security community didn’t spot these earlier actually ;). It is a good and relevant work. But when, in few hours, you go from pre-announcement to full details released (not meant to be) then yeah...mess.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.