[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Plans to deploy openssl-blacklist in Debian? (was: Re: ssh-vulnkey and authorized_keys)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 15-05-2008 20:43, Chris Adams wrote:
> 
> On May 15, 2008, at 6:25 PM, Alex Samad wrote:
>> is there away to check x509 certs with these tools ?
> 
> Yes - the wiki has one (http://wiki.debian.org/SSLkeys) but you might
> prefer the openssl-blacklist package which Ubuntu prepared:
> 
> https://launchpad.net/ubuntu/+source/openssl-blacklist/
> 
> It runs out of the box on Debian and if you edit debian/control to
> change the openssl dependency from the Ubuntu version
> (0.9.8g-4ubuntu3.1) to the Debian version (0.9.8c-4etch3) you can
> dpkg-buildpackage it and deploy it to multiple systems. I used it like
> this to flush out Apache keys:
> 
> sudo find /etc/ -xdev -type f -name \*.key -exec openssl-vulnkey {} \;

	Speaking about that, are there plans to deploy
openssl-blacklist in Debian as an official package?

Kind regards,
- --
Felipe Augusto van de Wiel (faw)
"Debian. Freedom to code. Code to freedom!"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFILNXdCjAO0JDlykYRCMq8AKDOaci6iTFlozcZDC3mH6cUjra6nQCeMNyx
9MMqc7tVaHshsSPDfT0WhzY=
=6MyD
-----END PGP SIGNATURE-----
Reply to: