[Toolserver-l] [SECURITY] Debian OpenSSL bug may affect cryptographic keys generated or used on hemlock
Bryan Tong Minh
bryan.tongminh at gmail.com
Wed May 14 10:35:55 UTC 2008
On Wed, May 14, 2008 at 12:08 PM, River Tarnell <river at wikimedia.org> wrote:
> the key _is_ affected if you copy the private part of the key to an affected
> server and use it there.
>
But only if it was an DSA key. People who copied their RSA key to the
toolserver should be safe (of course you need to ask yourself whether
it is a good idea to put your keys on a shared system but that is
another problem). If you did generate your RSA key on the toolserver
you do have a problem.
Bryan
More information about the Toolserver-l
mailing list