On Thursday, 15.05.2008, at 15:20 +0200, Thijs Kinkhorst wrote:
> On Thursday 15 May 2008 14:04, Martin Uecker wrote:
> > If I understand this correctly, this means that not only should keys
> > generated with the broken ssl lib be considered compromised, but all
> > keys which were potentially used to create DSA signatures by those
> > broken libs.
> >
> > In this case, the security advisory should clearly be updated.
>
> The original advisory has this text:
> "Furthermore, all DSA keys ever used on affected Debian systems for signing
> or authentication purposes should be considered compromised; the Digital
> Signature Algorithm relies on a secret random value used during signature
> generation."
>
> I read there exactly the thing you describe above. What is your suggestion?

I missed this, sorry. The advisory for ssh does not include this
information. Is this not relevant for ssh for some reason?

To be clear, I have been quite impressed by the professional reaction
to this (and other) security problems. But I still would like to see
some more information here. (Which might already be in the works.)

> > And all advice about searching for weak keys should be removed as well,
> > because it leads to a false sense of security. In fact, *all* keys used
> > on Debian machines should be considered compromised.
>
> The reasoning above does not go for the more common RSA keys, so this advice
> would not be appropriate I think.

Ok.

> > I also wonder, what will the Debian community change in their
> > processes to make such a security disaster less likely in the
> > future?
>
> You mean less likely than once in 15 years? We're open to your suggestions.

Something as bad as this might be rare, still, if something can be
improved, it should.

Upstream complained about the extensive Debian patching. I think this
is a valid criticism. For security sensitive packages, requiring changes
to be signed-off by a second person might be a good idea too.

Another problem I have argued about before, not directly related to
this incident, but IMHO another disaster waiting to happen: There is
no way to independently validate that a Debian binary package was
created from the corresponding source.

What bothers me too is the fact that the installer scripts of all
packages have root permissions during installation. While this might
be hard to do, in principle I see no good reason why installer scripts
could not be limited to certain tasks.

Martin
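
Why the advisory text quoted above treats DSA keys that were merely *used* on an affected system as compromised, shown as an added example (not part of the original message, nor Debian or OpenSSL code). It is textbook DSA over constructed toy parameters; the function names, the numeric values and the candidate range for k are assumptions made for illustration.

```python
# Added illustration. Toy DSA group, constructed for this example and far too
# small for real use: Q divides P - 1 and G = 2**6 % P has order Q.
# Needs Python 3.8+ for pow(a, -1, m).
P, Q, G = 607, 101, 64

def sign(x, h, k):
    """Textbook DSA: x = private key, h = message digest mod Q, k = per-signature secret."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (h + x * r) % Q
    if r == 0 or s == 0:
        raise ValueError("unusable k; a real signer draws a new one")
    return r, s

def key_from_known_k(h, sig, k):
    """Rearrange s = k^-1 * (h + x*r) mod Q to get x = (s*k - h) * r^-1 mod Q."""
    r, s = sig
    return (s * k - h) * pow(r, -1, Q) % Q

def key_from_guessable_k(y, h, sig, candidates):
    """A k drawn from a small set is as good as known: every guess yields a
    candidate x, and the public key y = G^x mod P tells which one is right."""
    for k in candidates:
        x = key_from_known_k(h, sig, k)
        if pow(G, x, P) == y:
            return x
    return None

if __name__ == "__main__":
    x = 57                   # private key, assumed generated on a healthy system
    y = pow(G, x, P)         # public key
    h = 42                   # digest of the signed message (constructed value)
    sig = sign(x, h, k=23)   # one signature made where k came from a weak RNG
    print("signature:", sig)
    print("recovered key:", key_from_guessable_k(y, h, sig, range(1, 33)))
```

The private key in this example is sound and only k is weak, so a check of how the key was generated cannot clear a DSA key that has signed on an affected system.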