
Re: Misc development news (#8)

On Sun, Jun 01, 2008 at 09:15:19AM +0200, Peter Palfrader wrote:
> On Sat, 31 May 2008, Steve Langasek wrote:

> > > People submitting known bad keys to ldap and stuffing those in their
> > > authorized_keys files also.  What else did you think it meant?

> > I have no idea, because I don't understand why the above would warrant a
> > policy change wrt authorized_keys.  Surely, known bad keys could already be
> > dealt with using the blacklist support that was published as part of the
> > DSA, so why would we need to disable authorized_keys altogether when there's
> > support for handling this in the server itself?

> Those blacklists are hardly exhaustive.  Hardly anybody seems to get
> that their old DSS keys, if ever used once on a broken libssl, are now
> all bad.

The blacklists for each RSA keysize/wordsize/endianness are exhaustive, or
we have a big bug there that should be addressed.  The set of compromised
DSS keys is indeterminate; which means that DSS keys are not "known bad",
they're "potentially bad" and should be disabled as a preventative measure.

Anyway, that clarifies for me, thank you.

Ideally, I would hope that at some future date the openssh packages gain
support for disabling DSS user keys via the config and the debian.org
machines could use that, bringing the behavior back closer into line with
the stock OpenSSH.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org
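
An added example, not from the original message or from Debian's tooling: auditing an authorized_keys file along the distinction drawn in the message, where ssh-dss keys are flagged as potentially bad regardless of any list and ssh-rsa keys are checked against a blacklist. The blacklist here is a hypothetical set of MD5 fingerprints, the sample keys are constructed placeholders rather than real key material, and all function names are illustrative.

```python
import base64, hashlib, re, struct

KEY_RE = re.compile(r"(?:^|\s)(ssh-rsa|ssh-dss)\s+([A-Za-z0-9+/]+=*)")

def ssh_string(data: bytes) -> bytes:
    # Length-prefixed string, as used inside SSH public key blobs.
    return struct.pack(">I", len(data)) + data

def find_key(line: str):
    """Return (key_type, blob) from one authorized_keys line, or None."""
    if line.lstrip().startswith("#"):
        return None
    for m in KEY_RE.finditer(line):
        try:
            blob = base64.b64decode(m.group(2), validate=True)
        except ValueError:
            continue
        # The blob names its own algorithm; requiring a match rejects
        # look-alike text inside a leading options field (command="...").
        if blob.startswith(ssh_string(m.group(1).encode())):
            return m.group(1), blob
    return None

def classify(line: str, blacklist: set) -> str:
    key = find_key(line)
    if key is None:
        return "skip"
    key_type, blob = key
    if key_type == "ssh-dss":
        return "potentially-bad"  # affected set is indeterminate: no list can clear it
    # Legacy OpenSSH fingerprint: MD5 over the public key blob.
    if hashlib.md5(blob).hexdigest() in blacklist:
        return "known-bad"
    return "ok"

def audit(text: str, blacklist: set):
    return [(n, classify(l, blacklist)) for n, l in enumerate(text.splitlines(), 1)]

# Constructed sample input: placeholder blobs, not usable keys.
def fake_key(key_type: str, filler: bytes) -> str:
    blob = ssh_string(key_type.encode()) + ssh_string(filler)
    return f"{key_type} {base64.b64encode(blob).decode()}"

WEAK = fake_key("ssh-rsa", b"\x01" * 32)
SAMPLE = "\n".join([
    "# constructed sample", WEAK + " alice@example",
    'command="echo ssh-dss AAAA",no-pty ' + fake_key("ssh-rsa", b"\x02" * 32) + " bob@example",
    fake_key("ssh-dss", b"\x03" * 32) + " carol@example"])
BLACKLIST = {hashlib.md5(base64.b64decode(WEAK.split()[1])).hexdigest()}
```
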
