-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
the recently publicized SSL weak key generation for debian-based systems
(c.f. http://www.debian.org/security/key-rollover/)
has lead our university computing center to retract our
Gentoo-generated SSL keys based on an advisory from the German
DFN cert :-(
I have not found any information about whether this might also
affect Gentoo systems. A test with the Perl script from
http://security.debian.org/project/extra/dowkd/dowkd.pl.gz
does not show vulnerability:
~ summary: keys found: 2, weak keys: 0
So I guess that Gentoo-generated keys are not affected.
Still it would be nice to have an official statement
to prevent official certification bodies from retracting
valid Gentoo-generated keys.
Regards,
Peter
- --
Peter Schneider-Kamp mailto:psk@informatik.rwth-aachen.de
LuFG Informatik II http://verify.rwth-aachen.de/psk
RWTH Aachen phone: +49 241 80-21211
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkguoJQACgkQ3VbrCXkKHhxQigCfSoeTKHLeq2nprKI5BuBgPJhg
KtgAniEai4bE7HnTDKNsA/pnspdVZMFU
=xywx
-----END PGP SIGNATURE-----
--
gentoo-security@lists.gentoo.org mailing list
Hash: SHA1
Hi,
the recently publicized SSL weak key generation for debian-based systems
(c.f. http://www.debian.org/security/key-rollover/)
has lead our university computing center to retract our
Gentoo-generated SSL keys based on an advisory from the German
DFN cert :-(
I have not found any information about whether this might also
affect Gentoo systems. A test with the Perl script from
http://security.debian.org/project/extra/dowkd/dowkd.pl.gz
does not show vulnerability:
~ summary: keys found: 2, weak keys: 0
So I guess that Gentoo-generated keys are not affected.
Still it would be nice to have an official statement
to prevent official certification bodies from retracting
valid Gentoo-generated keys.
Regards,
Peter
- --
Peter Schneider-Kamp mailto:psk@informatik.rwth-aachen.de
LuFG Informatik II http://verify.rwth-aachen.de/psk
RWTH Aachen phone: +49 241 80-21211
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkguoJQACgkQ3VbrCXkKHhxQigCfSoeTKHLeq2nprKI5BuBgPJhg
KtgAniEai4bE7HnTDKNsA/pnspdVZMFU
=xywx
-----END PGP SIGNATURE-----
--
gentoo-security@lists.gentoo.org mailing list