On Thu, Jan 28, 2016 at 08:36:02PM -0500, CSS wrote:
> http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html
>
> It seems that there are a number of factors (that I do not understand)
> that determine whether an application is vulnerable. For example,
> Apache/mod_ssl is not.
>
> Is there enough information here to determine whether or not Postfix is
> vulnerable in typical configurations?
Postfix has never re-used public DH exponents, and it has never
been possible to misconfigure Postfix to do so.
--
Viktor.
