On Mon, 2017-10-16 at 21:06 +0200, Christian Seiler wrote: > Unfortunately, as far as I understand it, there's no easy method for > detecting these kinds of broken keys without actually attempting to > factorize them - and while that's feasible (hence the vulnerability) > it is still quite expensive - so there is currently no easy method of > scanning through the Debian keyring for affected keys. Actually that's wrong, the generation process leaves “fingerprints” which can be used to identify keys. See for example: https://keychest.net/roca https://github.com/crocs-muni/roca These tools have been used to identify three vulnerable (sub)keys in the Debian keyring (this is already been taken care of). Regards, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part