Hello, Am Dienstag, 13. Mai 2008 schrieb Vincent Bernat: > OoO En ce début d'après-midi nuageux du mardi 13 mai 2008, vers 14:06, > > Florian Weimer <[EMAIL PROTECTED]> disait: > > Package : openssl > > Vulnerability : predictable random number generator > > Some other random questions: > - It seems that firefox does not handle CRL unless manually imported, > correct? This means that in most cases already issued certificates > are still vulnerable even revoked. A quick look seems to show that > most software do not handle CRL at all. > - As a maintainer of a package that have generated certificates using > OpenSSL, how should we handle the issue? > > For the last question, I see several solutions: > - the user has to read the DSA and handle it himself
Since some keys are generated automatically, (e.g. ssh host keys) users will have to regenerate keys,they haven't generated in the first place and might not be aware of their existens. That's bad. Keep smiling yanosz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
