Ralf Ertzinger wrote:
> On Tue, 19 Aug 2008 11:32:14 -0400, Simo Sorce wrote:
>
>> DSA keys can be compromised if the server you connect to is
>> compromised. See discussions about the recent openssl debacle for
>> debian.
>
> Which kind of invalidates the whole "public key" concept, doesn't it?
>
> Not wanting to start a new discussion about this, but the fact that
> (some) debian-created keys were weak (and thus crackable) wasn't the
> server's fault, but the fault of the client that generated the key in
> the first place (unless I'm getting something seriously wrong).

It's worse than that: the security of ElGamal encryption depends on a
strong random number to be generated for every message, not just when
the public key is first generated.

Andrew.
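The per-message randomness requirement mentioned in the reply above, as an added example that is not part of the original thread: textbook ElGamal over toy parameters, showing what a repeated per-message value looks like in the ciphertexts and why it matters. The prime, generator, function names and sample messages are all constructed for illustration.

```python
import secrets

# Toy parameters, constructed for illustration only (not a vetted group).
P = 2**127 - 1  # Mersenne prime
G = 3

def keygen():
    x = secrets.randbelow(P - 2) + 1          # private key
    return x, pow(G, x, P)                    # (private, public)

def encrypt(y, m, k=None):
    """Textbook ElGamal. k is the per-message random value; passing it
    explicitly simulates a broken or repeating random number generator."""
    if k is None:
        k = secrets.randbelow(P - 2) + 1
    return pow(G, k, P), (m * pow(y, k, P)) % P

def decrypt(x, c1, c2):
    return (c2 * pow(pow(c1, x, P), -1, P)) % P

def reused_ephemeral(ciphertexts):
    """Audit check: pairs of indices whose c1 values are identical,
    meaning the same k was used for both messages."""
    first_seen, pairs = {}, []
    for i, (c1, _) in enumerate(ciphertexts):
        if c1 in first_seen:
            pairs.append((first_seen[c1], i))
        else:
            first_seen[c1] = i
    return pairs

def exposed_by_reuse(ct_a, m_a, ct_b):
    """With a shared k, c2_b / c2_a == m_b / m_a (mod P), so anyone who
    knows m_a learns m_b without the private key."""
    if ct_a[0] != ct_b[0]:
        raise ValueError("ciphertexts do not share an ephemeral value")
    return (ct_b[1] * pow(ct_a[1], -1, P) * m_a) % P

if __name__ == "__main__":
    x, y = keygen()
    m1 = int.from_bytes(b"known header", "big")   # constructed sample messages
    m2 = int.from_bytes(b"secret body", "big")
    stuck = [encrypt(y, m1, k=1234567), encrypt(y, m2, k=1234567)]
    print("reuse detected:", reused_ephemeral(stuck))
    print("m2 exposed:", exposed_by_reuse(stuck[0], m1, stuck[1]) == m2)
    print("fresh k decrypts:", decrypt(x, *encrypt(y, m2)) == m2)
```

The key pair here is generated with a good random source, yet the second message is still exposed once the per-message value repeats.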