As you may have seen, there was a recent and widely publicised bug in the Cloudfare service. You can read more about the bug here: https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/ https://github.com/pirate/sites-using-cloudflare Since the IETF uses Cloudfare for our public-facing website, you may be wondering whether there are IETF effects. I wanted to let people know that we performed an initial analysis of the possible impacts on Friday. The site www.ietf.org is primarily static and the more interesting content is at datatracker.ietf.org and various wikis that are not hosted at Cloudfare. However, we we realised that there are a few groups of users (such as the ADs) who use IETF credentials on www.ietf.org. Consequently, it is possible that some of these credentials were compromised. We’ve taken the precaution of changing the potentially affected passwords. As the analysis continues in the starting week, if we identify further groups that may be affected, we may be asking you to reset your passwords; if you get such a request, please take action as soon as possible. For your information, datatracker passwords can always be changed here: https://datatracker.ietf.org/accounts/password/ Jari Arkko, IETF Chair