Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed"

[Me <jschiel () flowtools net>]

On 04/09/2014 09:59 AM, Niels Bakker wrote:
> Then why single out the .io and .lv's?  Maybe you missed the trend (by 
> now a few years old) to get domains in those and similar ccTLD's for 
> startups?  Why even try to portray them as less trusted, as you 
> plainly did in the quoted paragraph?
>
>
>     -- Niels.
No, I didn't miss it, it's been a long time in coming.

I happened to point .io and .lv because those are the ones that were 
shared on list and are not common, at least not to me.

My concern mostly is with those that disregard what the link name is and 
just click blindly because it's a link into the issue that is affecting 
them that day.

Instead of picking on a specific tld, I should have more clearly stated 
I'd rather folks do this type of checking with code that can run 
locally. This way we can validate the code once and run as many times as 
we want. Relying on a web page doesn't always work because that site may 
be overloaded or the site owner hits some limit and the page is not 
available so you have to go validate the code from yet another site.

I did have some versions of the code that was shared and I thanked the 
OP for the other versions.

--John