On May 17, 2008, at 1:34 PM, Matteo Vescovi wrote:
are there updates for this issue for old stable - sarge?
It was said sarge is not affected,
Bear in mind that you still want blacklist support for the various
tools, not just for the known_hosts and authorized_keys; but also for
people who move their identity files around, generate the web/mail
server's x509 cert (request) on a laptop/off-line prior to
moving it onto the server and so on*.
Dw.
*: I found about a 1 to 3901 ratio between affected and non-affected
keys out of about 50k ssh-keys and 21k x509's (using the not yet
complete lists!) in an environment which is virtually only Windows,
MacOSX and FreeBSD. I think it is reasonable to assume that this is
fairly common - hence you want these blacklist tools on a wider range
of platforms/OS-es.
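
An added example, not part of the original message: a portable, standard-library-only check of the kind asked for above, which scans .pub, authorized_keys or known_hosts lines against a fingerprint blacklist on any OS. It assumes the blacklist holds one entry per line, each the last 20 hex digits of the key's MD5 fingerprint (the layout used by Debian's openssh-blacklist); all function names and sample keys are constructed for illustration.

```python
import base64
import hashlib

KEY_TYPES = ("ssh-rsa", "ssh-dss")
HEX = set("0123456789abcdef")

def md5_fingerprint(line):
    """Hex MD5 of the key blob in a .pub, authorized_keys or known_hosts line."""
    fields = line.split()
    for i, field in enumerate(fields[:-1]):
        if field in KEY_TYPES:
            # Raises ValueError (binascii.Error) on malformed base64.
            blob = base64.b64decode(fields[i + 1], validate=True)
            return hashlib.md5(blob).hexdigest()
    return None

def load_blacklist(lines):
    """Keep only well-formed entries (assumed: 20 hex digits); skip comments."""
    entries = (raw.strip().lower() for raw in lines)
    return {e for e in entries if len(e) == 20 and set(e) <= HEX}

def scan(key_lines, blacklist):
    """Return (line_number, fingerprint) for every blacklisted key."""
    hits = []
    for number, line in enumerate(key_lines, 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        try:
            fingerprint = md5_fingerprint(line)
        except ValueError:
            continue  # unparsable entry: not a match, left for manual review
        if fingerprint and fingerprint[12:] in blacklist:
            hits.append((number, fingerprint))
    return hits

def _constructed_line(prefix, body):
    # Constructed stand-in for a key blob; not a real key.
    blob = b"\x00\x00\x00\x07ssh-rsa" + body
    return prefix + "ssh-rsa " + base64.b64encode(blob).decode() + " constructed"

WEAK = _constructed_line("", b"constructed-weak-key")
SAMPLE = [
    "# constructed sample mixing known_hosts and authorized_keys layouts",
    _constructed_line("host.example ", b"constructed-good-key"),
    _constructed_line('command="/bin/true" ', b"constructed-weak-key"),
]
SAMPLE_BLACKLIST = load_blacklist(["# constructed", md5_fingerprint(WEAK)[12:]])

if __name__ == "__main__":
    for number, fingerprint in scan(SAMPLE, SAMPLE_BLACKLIST):
        print("line %d: blacklisted key %s" % (number, fingerprint))
```
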