On Fri, May 16, 2008 at 03:27:42PM -0500, Adam Majer wrote: > Russ Allbery wrote: > > Martin Uecker <[EMAIL PROTECTED]> writes: > > > >> In this case, the security advisory should clearly be updated. And all > >> advise about searching for weak keys should be removed as well, because > >> it leads to false sense of security. In fact, *all* keys used on Debian > >> machines should be considered compromised. > > > > All *DSA* keys. RSA keys do not have the same problem, as I understand > > it. > > Err, how so?? > > RSA keys generated with broken OpenSSL need replacing. This means SSL > certificates, CA, etc.... > > But RSA keys (for SSL, as an example), generated on good OpenSSL but > used on Etch servers are ok?
Yes. Mike -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]