* Kees Cook: >> The rule is simple. When the ~/.rnd file doesn't exist I get one key and >> in other situation I get another (that listed in Ubuntu >> openssl-blacklist) key. Because of this problem openssl-blacklist has to >> be twice big than openssh-blacklist. I developed simple shell scripts to >> generate list of all key lengths we are interested in. They are attached. > > Yes, this was realized during the generation of the openssl-blacklist in > Ubuntu. We're expecting to have the more complete lists published soon, > for all 3 architectures.
BTW, it appears that the same blacklist can be used for -3 and -F4 keys. (Just in case you haven't checked that already.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
