List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
-----BEGIN PGP SIGNED MESSAGE-----
the recently publicized SSL weak key generation for debian-based systems
has lead our university computing center to retract our
Gentoo-generated SSL keys based on an advisory from the German
DFN cert :-(
I have not found any information about whether this might also
affect Gentoo systems. A test with the Perl script from
does not show vulnerability:
~ summary: keys found: 2, weak keys: 0
So I guess that Gentoo-generated keys are not affected.
Still it would be nice to have an official statement
to prevent official certification bodies from retracting
valid Gentoo-generated keys.
Peter Schneider-Kamp mailto:psk@...
LuFG Informatik II http://verify.rwth-aachen.de/psk
RWTH Aachen phone: +49 241 80-21211
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
email@example.com mailing list