On 14/05/18 11:39, Jakob Bohm via dev-security-policy wrote:
On 14/05/2018 10:42, Hanno Böck wrote:

Yesterday was the 10y anniversary of the Debian OpenSSL random number
generator bug.

A few days ago I did a re-check of the CT logs for vulnerable keys.

I found one unexpired, unrevoked certificate issued by a CA called
"QuoVadis". I reported it and it's been revoked, they told me they'll
check their systems why this certificate issuance wasn't blocked.


I also found an unrevoked Wosign cert that I had already reported last
year. The abuse contact of wosign bounces mails.

(My check was semi-thorough, I didn't have access to all the possible
key combinations that could be generated with the Debian bug. There may
be more certs in the logs.)

You could try the openssl-blacklist package distributed by Debian in
both source and prepackaged form.  If you use the packaged form, be sure
to include the openssl-blacklist-extra package which contains the lists
of RSA-4096 and RSA-512 keys.

Their included checking program (in the .diff file) is in Python.

URL: http://ftp.de.debian.org/debian/pool/main/o/openssl-blacklist/

Today I've added a Debian weak key check feature to crt.sh. I augmented Debian's original blacklists with some other blacklists I generated ~10yrs ago for a few less common key sizes [1].

I'm currently running the check against all of the certs on the crt.sh DB. I'll report back once this has completed.

[1] https://secure.comodo.com/debian_weak_keys/

Rob Stradling
Senior Research & Development Scientist

dev-security-policy mailing list

Reply via email to