Getting a grasp on Heartbleed and IDPs

Rich Graves rgraves at carleton.edu
Thu Apr 10 13:50:42 EDT 2014


I can confirm that ssltest.py was able to extract random fragments of RAM from my test IdP running RHEL6.5, tomcat6-6.0.24-62.el6.noarch, tomcat-native-1.1.29-1.el6.x86_64.

The data was less obviously interesting than, say, Moodle, which conveniently has session cookies right there on the heap, but I'm still happy not to have gone into production yet.

