Maintainer input on key rollovers

To: debian-devel-announce@lists.debian.org
Subject: Maintainer input on key rollovers
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 14 May 2008 23:13:22 +0200
Message-id: <[🔎] 20080514211322.GA3719@galadriel.inutil.org>
Mail-followup-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Maintainers of packages creating or using keys potentially affected
by the recent openssl vulnerability are encouraged to write up
information, whether their packages are affected and how users
can re-generate cryptographic key material and send it to the
Security Team.

We're working on collecting this information for major packages
already, but we can't do that for the whole archive. 
You should contact us in any case, even if only to affirm our
findings.

A lot of information is already being collected on
http://wiki.debian.org/SSLkeys 

Once verified or acknowledged by maintainers information will
be moved to http://www.debian.org/security/key-rollover/
which is only writable by the Debian WWW group.

Please get in touch with us at team@security.debian.org.

Cheers,
        Moritz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIK1T7Xm3vHE4uyloRAmDkAJwIp6+CBFZRtqp2qsC01wsP4IYVOwCgmWPV
W/Lr42Duk3WbfqXFcqT5LOk=
=76Qd
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Alioth and SSH: restored
Next by Date: Bits from the DPL
Previous by thread: Alioth and SSH: restored
Next by thread: Bits from the DPL
Index(es):
- Date
- Thread