On Thursday 15 May 2008 14:04, Martin Uecker wrote:
> If I understand this correctly, this means that not only should keys
> generated with the broken ssl lib be considered compromised, but all
> keys which were potentially used to create DSA signatures by those
> broken libs.
>
> In this case, the security advisory should clearly be updated.

The original advisory has this text:

"Furthermore, all DSA keys ever used on affected Debian systems for signing or
authentication purposes should be considered compromised; the Digital Signature
Algorithm relies on a secret random value used during signature generation."

I read there exactly the thing you describe above. What is your suggestion?

> And all advice about searching for weak keys should be removed as well,
> because it leads to a false sense of security. In fact, *all* keys used
> on Debian machines should be considered compromised.

The reasoning above does not go for the more common RSA keys, so this advice
would not be appropriate I think.

> I also wonder, what will the Debian community change in their
> processes to make such a security disaster less likely in the
> future?

You mean less likely than once in 15 years? We're open to your suggestions.

Thijs
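The advisory sentence quoted in the message above, worked through as an added example (not part of the original message or of any Debian or OpenSSL code): with toy DSA parameters constructed here, a single valid signature plus knowledge of the per-signature secret value k determines the private key x, even when x itself was generated on a healthy system. The parameters, key, message and function names are all assumptions made for illustration.

```python
import hashlib

# Toy DSA domain parameters, constructed for illustration and far too small
# for real use: Q is prime, Q divides P - 1 (606 = 6 * 101), G = 2**6 mod P.
P, Q, G = 607, 101, 64

def digest(message: bytes) -> int:
    """Hash the message and reduce it modulo the subgroup order."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % Q

def sign(x: int, k: int, message: bytes):
    """Textbook DSA: r = (g^k mod p) mod q, s = k^-1 * (H(m) + x*r) mod q."""
    r = pow(G, k, P) % Q
    s = (pow(k, -1, Q) * (digest(message) + x * r)) % Q
    if r == 0 or s == 0:
        raise ValueError("degenerate signature; a signer picks another k")
    return r, s

def verify(y: int, message: bytes, sig) -> bool:
    """Standard DSA verification against public key y = g^x mod p."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    u1, u2 = digest(message) * w % Q, r * w % Q
    return (pow(G, u1, P) * pow(y, u2, P) % P) % Q == r

def key_from_known_k(k: int, message: bytes, sig) -> int:
    """Solve the signing equation for x: x = (s*k - H(m)) * r^-1 mod q."""
    r, s = sig
    return ((s * k - digest(message)) * pow(r, -1, Q)) % Q

def demo():
    x = 57                       # constructed private key, generated "properly"
    y = pow(G, x, P)             # matching public key
    message = b"constructed sample message"
    solved = []
    for k in range(1, Q):        # every k the signer could have drawn
        try:
            sig = sign(x, k, message)
        except ValueError:
            continue
        assert verify(y, message, sig)   # the signature is perfectly valid...
        solved.append(key_from_known_k(k, message, sig))  # ...and still fixes x
    return x, solved

if __name__ == "__main__":
    x, solved = demo()
    print("private key:", x, "| values solved from (k, signature):", set(solved))
```

The example covers only the DSA signing equation; it says nothing about RSA keys, which the reply treats separately.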