Hi Chris, On 19.05.2008 17:02, Chris Ball wrote: > I've disabled logins with DSA keys on dev.laptop.org. Turns out that > while your RSA key is only vulnerable if *created* on a weak Debian or > Ubuntu machine, your DSA key is vulnerable if *used* on Debian/Ubuntu¹, > due to DSA having a greater reliance on randomness. > > Please mail [EMAIL PROTECTED] if you were using a DSA key that you > now need to replace. >
What happens to those who never logged in *from* a Debian/Ubuntu machine? There's no reason to not let them keep their DSA key. The PRNG on the target host doesn't even appear in the DSA signature creation calculations and therefore is irrelevant to DSA key security. Regards, Carl-Daniel _______________________________________________ Devel mailing list [email protected] http://lists.laptop.org/listinfo/devel
