Re: Is openssl actually safe now? (was: debian infrastructure ssh key logins disabled, passwords reset)

Date: Wed, 14 May 2008 10:08:11 +0100
From: Steve Kemp <skx@xxxxxxxxxx>
Subject: Re: Is openssl actually safe now? (was: debian infrastructure ssh key logins disabled, passwords reset)

On Wed May 14, 2008 at 10:21:18 +0200, BALLABIO GERARDO wrote:

> If so, and if that was the ONLY entropy source used in generating keys,
> then upstream openssl is (and has always been) just as broken as the
> patched Debian package. 

  It wasn't.

Steve
-- 
Debian GNU/Linux System Administration
http://www.debian-administration.org/


-- 
To UNSUBSCRIBE, email to debian-devel-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx

References:
- Is openssl actually safe now? (was: debian infrastructure ssh key logins disabled, passwords reset)
  - From: BALLABIO GERARDO

Prev by Date: Re: Is openssl actually safe now? (was: debian infrastructure ssh key logins disabled, passwords reset)
Next by Date: Re: analyzing popcon data for bogus recommends
Previous by thread: Re: Is openssl actually safe now? (was: debian infrastructure ssh key logins disabled, passwords reset)
Next by thread: Re: Is openssl actually safe now? (was: debian infrastructure ssh key logins disabled, passwords reset)
Index(es):
- Date
- Thread

lists-archives.org

Re: Is openssl actually safe now? (was: debian infrastructure ssh key logins disabled, passwords reset)