On Thu, Aug 27, 2009 at 07:09:04AM +0100, Neil Williams wrote: > On Thu, 27 Aug 2009 15:12:20 +0930 > Ron <[email protected]> wrote: > > > On Wed, Aug 26, 2009 at 08:16:18PM +0100, David Goodenough wrote: > > > Actually it is openssl-blacklist that contains openssl-vulnkey, and > > > in sid openssl depends on that. And as openssl-vulnkey is written in > > > python it is rather needed. > > > > $Someone should just rewrite that in a $real language. The gratuitous extra > > dependency on python there is annoying for more than just embedded systems. > > Or just decide whether you actually need the blacklist on an embedded > system - what is the benefit of scanning SSH keys on the embedded > device? Scanning for vulnerable keys (by definition old keys) is a > service devised for servers where a lot of people have SSH keys.
The ssh blacklist isn't a problem. It's only the SSL one that drags in python this way. But breaking the hard dep may indeed be useful also. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
