> Hi. > > On Tue, 19 Aug 2008 11:32:14 -0400, Simo Sorce wrote: > >> DSA keys can be compromised if the server you connect to is >> compromised. See discussions about the recent openssl debacle for >> debian. > > Which kind of invalidates the whole "public key" concept, doesn't it? :) Yup. > Not wanting to start a new discussion about this, but the fact that > (some) debian-created keys were weak (and thus crackable) wasn't the > servers fault, but the fault of the client that generated the key in > the first place (unless I'm getting something seriously wrong). Correct. It was also server keys, but that wouldn't compromise your own client key, just the security of the server's key. To crack the encryption, you still need wither the private key or a lot of time and PCU cycles. The debian issue simply reduced the number of CPU cycles. > -- > fedora-devel-list mailing list > fedora-devel-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- novus ordo absurdum -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
