[caops-wg] Debian key generation flaw

[Mike Jones]

Hi folks,

I've just been informed that openssl versions on Debian systems from Sep 
2006 - May 2008 have had a substandard key generation algorithm.  This is due 
to a predictable random number seed, resulting, I am led to believe, in a key 
space consisting of 32767 different keys for each key size, type and 
endianess.

See e.g. http://lists.debian.org/debian-security-announce/2008/msg00152.html

rgds
Mike


-- 
Dr. Mike Jones
Research Computing Services at The University of Manchester
http://www.rcs.manchester.ac.uk