Ondrej Mikle wrote: > I took some first 80 results from crunching the moduli > and mapped them back to certificates. In EFF's SSL > Observatory there were 3912 unique certs sharing those > factorized moduli (all embedded devices), couple extra > in other DBs.
Could you tell us a couple of things about those certs? I have created plenty of test CAs on my desktop and issued all sorts of test certs and used them on test servers. None of them would have shared primes presumably, because my code (much of it OpenSSL) has very fussy seeding and checks, but it would not matter at all if they did -- it's just for testing. I would be interested to know: 1. Were the CAs serious CAs, or just test CAs? Can you tell? 2. Were the certs in front of things that really needed protecting? Mike N _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
