[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssl problems: gpg affected?

On Thu, 15 May 2008 08:09:02 +0200
Norbert Preining <preining@logic.at> wrote:

> On Do, 15 Mai 2008, Steinar H. Gunderson wrote:
> > No. Any key who had a single DSA signature created by the flawed version of
> > OpenSSL should be considered compromised. DSA requires a secret, random
> Does this extend to gpg keys and its signatures? That would make quite
> an impact.

GnuPG does not use OpenSSL, so it should be safe. But generally it
could be possible to use same key for both GnuPG and OpenSSL and then
you would have a problem.

	Michal Čihař | http://cihar.com | http://blog.cihar.com

Attachment: signature.asc
Description: PGP signature

Reply to: