Re: blacklist.RSA-1024 missing?

To: debian-security@lists.debian.org
Subject: Re: blacklist.RSA-1024 missing?
From: Guido Hennecke <debian-security-10-2003@debian.dyndns.org>
Date: Thu, 15 May 2008 20:06:15 +0200
Message-id: <[🔎] 20080515180615.GA12524@guido.ipng.hennecke-net.org>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20080515173825.GA6054@doorstop.net>
References: <[🔎] 20080515173209.GA9466@doorstop.net> <[🔎] 20080515173825.GA6054@doorstop.net>

Hallo Vineet,

At 15.05.2008, Vineet Kumar wrote
> I was able to find blacklist.RSA-1024 in Ubuntu's openssl-blacklist
> package, and (fortunately) found that my 1024-bit RSA keys are in fact
> not blacklisted.

On what hardware platform your keys were generated?

A friend tested to generate a key with PID 100 on x86-32bit and one on
x86-64bit and the keys differ. So I think, there are much more
blacklists needed than just one for 1024 bit and one for 2048.

You need one blacklist for every keytype and lenght and for every
hardware platform.

Regards, Guido

Reply to:

Follow-Ups:
- Re: blacklist.RSA-1024 missing?
  - From: Jan Tomasek <jan@tomasek.cz>

References:
- blacklist.RSA-1024 missing?
  - From: Vineet Kumar <vineet@doorstop.net>
- Re: blacklist.RSA-1024 missing?
  - From: Vineet Kumar <vineet@doorstop.net>

Prev by Date: Re: blacklist.RSA-1024 missing?
Next by Date: Re: DSA-1571 and GSSAPI
Previous by thread: Re: blacklist.RSA-1024 missing?
Next by thread: Re: blacklist.RSA-1024 missing?
Index(es):
- Date
- Thread