On Thu, 15 May 2008 08:09:02 +0200 Norbert Preining <[EMAIL PROTECTED]> wrote:
> On Do, 15 Mai 2008, Steinar H. Gunderson wrote:
> > No. Any key who had a single DSA signature created by the flawed version of
> > OpenSSL should be considered compromised. DSA requires a secret, random
>
> Does this extend to gpg keys and its signatures? That would make quite
> an impact.
GnuPG does not use OpenSSL, so it should be safe. But generally it
could be possible to use same key for both GnuPG and OpenSSL and then
you would have a problem.
--
Michal Čihař | http://cihar.com | http://blog.cihar.com
signature.asc
Description: PGP signature
