Marek Marcola wrote:
> Hello,
>> I have read the advisory and I am a bit puzzled regarding the "there are
>> CAs using exponent 3 in wide use" comment. I have tried to check and
>> could not find any CA using this exponent; all the CAs I have seen
>> are using 0x10001 (CAs I have generated by OpenSSL using default
>> values, world wide trusted CAs such as VeriSign and Thawte etc.).
>> Are only old CAs using exponent 3?
>> Could anyone elaborate some on this?
> Look at:
> http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html

That's a rather worthless answer, Marek; the question isn't what the flaw is (mishandled exponent 3-signed certificates), but the prevalence.

My cursory examination shows most keygen tools have been using F4 style exponents most of this century. Two cases came to mind...

 - Private CAs generated with very old tools (such tools fester a long time)
 - Old signing keys reused for fresh signing request keys (anathema of best practices)

but most importantly, public signing keys. Hagai asks how prevalent such exponent 3 public or commercial signing keys still are. Someone stated they are in "wide use". This is not 'private' information, and Hagai just asked if someone has done the actual research of affected public/commercial signing authorities.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                               [EMAIL PROTECTED]
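As an added example (not code from this thread, and not OpenSSL's own), a small pure-Python audit that pulls the RSA modulus size and public exponent out of a DER SubjectPublicKeyInfo, or out of a whole DER certificate, and flags anything below 65537, so the "who still uses exponent 3" question can be answered against an actual CA bundle instead of guessed at. The DER encoder at the bottom exists only to construct the sample keys; SAMPLE_N is a made-up number, not a real modulus.

```python
"""Flag RSA keys with a small public exponent (e.g. e = 3) in DER-encoded X.509 input."""
def der_tlv(buf, pos):
    # Decode one DER tag-length-value starting at pos; return (tag, value, next_pos).
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits = number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def rsa_params_from_spki(spki_der):
    # Return (modulus_bits, e) from a DER SubjectPublicKeyInfo that carries an RSA key.
    tag, spki, _ = der_tlv(spki_der, 0)
    assert tag == 0x30, "SubjectPublicKeyInfo must be a SEQUENCE"
    _, _alg, pos = der_tlv(spki, 0)        # AlgorithmIdentifier (rsaEncryption), not needed here
    tag, bitstr, _ = der_tlv(spki, pos)    # BIT STRING wrapping the RSAPublicKey structure
    assert tag == 0x03, "subjectPublicKey must be a BIT STRING"
    _, rsa, _ = der_tlv(bitstr[1:], 0)     # bitstr[0] is the unused-bits octet
    _, n_bytes, pos = der_tlv(rsa, 0)      # modulus INTEGER
    _, e_bytes, _ = der_tlv(rsa, pos)      # publicExponent INTEGER
    return int.from_bytes(n_bytes, "big").bit_length(), int.from_bytes(e_bytes, "big")

def spki_from_cert(cert_der):
    # Walk Certificate -> tbsCertificate to the subjectPublicKeyInfo element, returned as DER.
    _, cert, _ = der_tlv(cert_der, 0)
    _, tbs, _ = der_tlv(cert, 0)
    pos = der_tlv(tbs, 0)[2] if tbs[0] == 0xA0 else 0   # skip the optional [0] EXPLICIT version
    for _ in range(5):                     # serialNumber, signature, issuer, validity, subject
        _, _, pos = der_tlv(tbs, pos)
    return tbs[pos:der_tlv(tbs, pos)[2]]

def audit_rsa_exponent(spki_der, min_e=65537):
    # Return (bits, e, ok); ok is False for any exponent below min_e, which catches e = 3.
    bits, e = rsa_params_from_spki(spki_der)
    return bits, e, e >= min_e

# --- constructed sample input: a tiny DER encoder builds fake SPKIs; these are not real CA keys ---
def tlv(tag, val):
    n = len(val)
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(lb)]) + lb) + val
def der_int(i):                            # (bit_length + 8) // 8 octets keeps the INTEGER positive
    return tlv(0x02, i.to_bytes((i.bit_length() + 8) // 8, "big"))
RSA_ALG_ID = tlv(0x30, bytes.fromhex("06092a864886f70d010101") + b"\x05\x00")  # rsaEncryption, NULL
def build_spki(n, e):
    return tlv(0x30, RSA_ALG_ID + tlv(0x03, b"\x00" + tlv(0x30, der_int(n) + der_int(e))))

SAMPLE_N = (1 << 1023) | 0x1235           # made-up 1024-bit odd number standing in for a modulus
SAMPLE_E3 = build_spki(SAMPLE_N, 3)        # the kind of key this thread asks about
SAMPLE_F4 = build_spki(SAMPLE_N, 65537)    # the common F4 exponent
```

To check a real CA certificate, convert it to DER first (`openssl x509 -in ca.pem -outform DER -out ca.der`) and feed the bytes through spki_from_cert and then audit_rsa_exponent.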