Roger Dingledine wrote: > SUMMARY: > This is a critical security announcement. > > A bug in the Debian GNU/Linux distribution's OpenSSL package was > announced today. This bug would allow an attacker to figure out private > keys generated by these buggy versions of the OpenSSL library. Thus, > all private keys generated by affected versions of OpenSSL must be > considered to be compromised.
One of my tor nodes was affected. I've upgraded openssl and changed keys. Two questions: Do I have to do something to get the old key blacklisted to make sure that someone can't impersonate it? (Old fingerprint: $C33ABC15B69DA274588CA1869CC1EE7B1DC11DAD) Should I rename my node? It doesn't show up as named anymore because of the key change.