[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssl security desaster

Martin Uecker <muecker@gwdg.de> writes:

> In this case, the security advisory should clearly be updated. And all
> advise about searching for weak keys should be removed as well, because
> it leads to false sense of security. In fact, *all* keys used on Debian
> machines should be considered compromised.

All *DSA* keys.  RSA keys do not have the same problem, as I understand

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: