Eddy Nigg (StartCom Ltd.) wrote: > I could produce millions of keys in my free time and post them to some > web site...I could tell you now that those are all compromised keys and > all CAs should now scan their subscribers keys against the ones I > posted. Should it find one, it should revoke it, right?
Eddy, this is not comparable. We're talking about the likelihood of a key being in the range of what we now consider "weak Debian keys". Ciao, Michael. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
