On Mon, Apr 14, 2014 at 2:59 PM, Jim Popovitch <jim...@gmail.com> wrote:
> 7-April: Monday, Yahoo's dmarc change kicks everyone in the groin, the > last full week before the US tax filing deadline. > The change was made on the previous Friday, so that date is largely irrelevant. 7-April: OpenSSL's *public* advisory (after a full week of private > notifications, of which yahoo surely was one tech company in on the > early notifications) > Given that many of their main services were vulnerable at the time of public disclosure, I think that's a very large assumption to make... If nothing else, I suspect the odds of it being known by the same people that made the DMARC decision/changes is low. Scott
