Two distinct DSA keys sign a file with the same signature. Is this repudiation issue?
grarpamp
grarpamp at gmail.com
Tue Sep 27 19:56:56 PDT 2016
On Tue, Sep 27, 2016 at 5:21 AM, Georgi Guninski <guninski at guninski.com> wrote:
> I generated them with a proggie
What proggie?
> $ openssl dgst -sha1 -verify key1.pub -signature file.txt.sig file.txt ; openssl dgst -sha1 -verify key2.pub -signature file.txt.sig file.txt
Can't verify without all your files posted.
> Is this theoretical weakness in openessl 1.0.1t?
> Is this a bug at all?
In other news, openssl just released another pile of CVE's.
More information about the cypherpunks
mailing list