On 14 April 2014 21:34, Mark Thomas <ma...@apache.org> wrote:
> On 14/04/2014 20:45, Tim Whittington wrote:
>>
>> On 15/04/2014, at 1:26 am, Christopher Schultz 
>> <ch...@christopherschultz.net> wrote:
>>
>>> Mark,
>>>
>>> On 4/13/14, 10:29 AM, Mark Thomas wrote:
>>>> On 13/04/2014 08:18, Christopher Schultz wrote:
>>>>> Mark,
>>>>>
>>>>> On 4/13/14, 10:10 AM, Mark Thomas wrote:
>>>>>> On 13/04/2014 08:09, Christopher Schultz wrote:
>>>>>>> All,
>>>>>>>
>>>>>>> I've taken the liberty of creating a Heartbleed info page on
>>>>>>> the wiki. I'm going to add a mention of it under the "Not a
>>>>>>> vulnerability in Tomcat" section for the security pages for
>>>>>>> Tomcats 6, 7, and 8.
>>>>>>
>>>>>> And tc-native please.
>>>>>>
>>>>>>> Shall I also add something to the home page as well? Or shall
>>>>>>> we just roll that into the upcoming announcement of tcnative
>>>>>>> 1.1.30? I kind of think it should do with the tcnative
>>>>>>> announcement, but Mladen hasn't yet closed the vote, published
>>>>>>> the build, etc. and I wanted to get something up sooner rather
>>>>>>> than later.
>>>>>>
>>>>>> +1 to the native announcement.
>>>>>>
>>>>>>> Does anyone have any suggestions for how to proceed?
>>>>>>
>>>>>> Your plan looks good to me.
>>>>>
>>>>> Okay, good. I've updated the Tomcat security info (will do
>>>>> tcnative soon). Once I've done that, what's the process to actually
>>>>> refresh the website? I re-built and committed the .html files from
>>>>> svn already.
>>>>
>>>> That is all you need to do. The site should update a few seconds later.
>>>
>>> Great, I can see my updates posted, now.
>>>
>>> I neglected to change my password in the open window set by the infra
>>> team, so it's been reset. The web-based reset tool isn't working for me
>>> so I sent a message to r...@apache.org explaining the situation. I
>>> haven't heard back, yet.
>>>
>>> So I'm a little stuck until I can get a password reset. I can access
>>> people.apache.org with my ssh2 key. Is this something you might be able
>>> to goose-along?
>>>
>>
>> http://id.apache.org/reset/ worked for me, but it might require a GPG key 
>> registered in your profile (my reset came GPG encrypted).
>
> id.a.o does not require GPG but if you have a public key set then it
> will always use it. If you have lost your private key and forgotten your
> password root can remove the key from the ID if you ask nicely.
>
> The alternative is to ssh to people.a.o with you ssh key and use passwd.

Did not know about that option.
Should that be added here [1] ?

I'm happy to update the page if so.

[1] https://www.apache.org/dev/infra-contact#regain-account

> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to