On Fri, May 16, 2008 at 07:42:14AM +1000, Daniel Black <[EMAIL PROTECTED]> wrote: > > i'm hoping people have picked this up however just fyi, dkim-genkey uses > openssl to generate DKIM keys (rsa). > > http://www.debian.org/security/2008/dsa-1571 > > http://www.ubuntu.com/usn/usn-612-1
Indeed, and thanks for the notice. Scott Kitterman (who maintains the Ubuntu package) mentioned this to me (as the Debian maintainer), and I'm working on an upload that will draw attention to this and urge recreation of any compromised keys found in the configuration. In the meantime, concerned Debian users certainly don't need to wait on me to recreate their keys :). Worth noting as well is the fact that this also applies to dk-milter's gentxt.csh (or to any keys generated for either with Debian's OpenSSL). -- Mike Markley <[EMAIL PROTECTED]> ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
