Re: openssl-blacklist & two keys per one pid

To: Dirk-Willem van Gulik <dirkx@webweaving.org>
Cc: Kees Cook <kees@ubuntu.com>, Jan Tomasek <jan@tomasek.cz>, Jamie Strandboge <jamie@ubuntu.com>, debian-security@lists.debian.org
Subject: Re: openssl-blacklist & two keys per one pid
From: Florian Weimer <fw@deneb.enyo.de>
Date: Mon, 19 May 2008 14:54:44 +0200
Message-id: <[🔎] 87prri314b.fsf@mid.deneb.enyo.de>
In-reply-to: <[🔎] 451143B7-9F52-4826-88DE-9FC8E48E27B8@webweaving.org> (Dirk-Willem van Gulik's message of "Mon, 19 May 2008 14:45:36 +0200")
References: <[🔎] 4830B725.7070104@tomasek.cz> <[🔎] 20080518233458.GF12850@outflux.net> <[🔎] 874p8u5vyx.fsf@mid.deneb.enyo.de> <[🔎] 451143B7-9F52-4826-88DE-9FC8E48E27B8@webweaving.org>

* Dirk-Willem van Gulik:

> One way to do this a bit more careful may be by comparing the actual
> data itself. OpenSSL will output this with the modulus flag:
>
> 	openssl genrsa 1024 | openssl rsa -noout -modulus

Yes, that's what dowkd is doing (albeit with a somewhat suboptimal
algorithm; I should have used the most-significant bits, not the
least-significant).

Reply to:

Follow-Ups:
- Re: openssl-blacklist & two keys per one pid
  - From: Dirk-Willem van Gulik <dirkx@webweaving.org>

References:
- openssl-blacklist & two keys per one pid
  - From: Jan Tomasek <jan@tomasek.cz>
- Re: openssl-blacklist & two keys per one pid
  - From: Kees Cook <kees@ubuntu.com>
- Re: openssl-blacklist & two keys per one pid
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: openssl-blacklist & two keys per one pid
  - From: Dirk-Willem van Gulik <dirkx@webweaving.org>

Prev by Date: Re: openssl-blacklist & two keys per one pid
Next by Date: Re: openssl-blacklist & two keys per one pid
Previous by thread: Re: openssl-blacklist & two keys per one pid
Next by thread: Re: openssl-blacklist & two keys per one pid
Index(es):
- Date
- Thread