> On Jan 28, 2016, at 8:38 PM, Viktor Dukhovni <postfix-us...@dukhovni.org> > wrote: > > On Thu, Jan 28, 2016 at 08:36:02PM -0500, CSS wrote: > >> http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html >> >> It seems that there are a number of factors (that I do not understand) >> that determine whether an application is vulnerable. For example, >> Apache/mod_ssl is not. >> >> Is there enough information here to determine whether or not Postfix is >> vulnerable in typical configurations? > > Postfix has never re-used public DH exponents, and it has never > been possible to misconfigure Postfix to do so.
Awesome, thanks for replying! Charles > > -- > Viktor.
