On Sat, 2013-12-21 at 17:14 -0700, T.C. Hollingsworth wrote:
>
> > And what about our certificates? Are they more or less useless now?
>
> There are no vulnerabilities related to X.509 certificates generated
> by OpenSSL (on Fedora or otherwise) that I am aware of.
The big vulnerability in the
On Sat, Dec 21, 2013 at 1:05 PM, Mike Wright wrote:
> I've been trying to find out if the versions of openssl shipped by fedora
> use the "Dual Elliptical Curve" encryption method that RSA so politely (for
> a tidy $um) made default at the request of the US's NSA. That is the
> encryption method w
On Sat, Dec 21, 2013 at 8:05 PM, Mike Wright wrote:
> 've been trying to find out if the versions of openssl shipped by fedora
> use the "Dual Elliptical Curve" encryption method that RSA so politely (for
> a tidy $um) made default at the request of the US's NSA. That is the
> encryption method wi
On 12/22/2013 07:05 AM, Mike Wright wrote:
Hi all,
After Edward Snowden spilled the beans on the NSA I've become
extremely paranoid about system security. If not the NSA, who else?
I've been trying to find out if the versions of openssl shipped by
fedora use the "Dual Elliptical Curve" encr
Hi all,
After Edward Snowden spilled the beans on the NSA I've become extremely
paranoid about system security. If not the NSA, who else?
I've been trying to find out if the versions of openssl shipped by
fedora use the "Dual Elliptical Curve" encryption method that RSA so
politely (for a t
