On Fri, 10 Nov 2000, Meyer Wolfsheim wrote:
On Fri, 10 Nov 2000, Max Inux wrote:
Heh. A random number generator that produces an output of all zeros. Small flaw. No biggie.
Except for the me that generated a key that was vulnerable to that 0x149DCDDC However I believe there was an email attached to that and the signatures to that key, but apparently not anymore =) And its a big deal, can you say 0 strength key?
Sigh. No one seems to have an appreciation of sarcasm anymore.
The vulnerability was, of course, quite serious. The only way NAI dodged the bad publicity the bullet was by saying that no one was affected.
Are you saying they lied? Can you prove your key was affected?
The key was/is on the key server publish well prior to the anouncement of
the bug, actually I believe I published it about a week after PGP 5.0 for
Linux was released.
You have the Key ID, grab it from the server. I know it was affected due
to a phone call I got at 3:00 am the morning after the bug was discovered.
when they looked through the key server for any key vulnerable.
Useride: khercs
0x149DCDDC
DH/DSS
4096/1024
10/18/1997
Never
IDEA
C2FC 876D 2D59 1710 7DA2 12FD 2948 FD98 149D CDDC
William Tiemann