CDR: Re: Phil Zimmerman Profiled
Max Inux
maxinux at openpgp.net
Fri Nov 10 18:29:25 PST 2000
On Fri, 10 Nov 2000, Meyer Wolfsheim wrote:
>On Fri, 10 Nov 2000, Max Inux wrote:
>
>> >Heh. A random number generator that produces an output of all zeros. Small
>> >flaw. No biggie.
>>
>> Except for the me that generated a key that was vulnerable to that
>> 0x149DCDDC However I believe there was an email attached to that and the
>> signatures to that key, but apparently not anymore =) And its a big deal,
>> can you say 0 strength key?
>
>Sigh. No one seems to have an appreciation of sarcasm anymore.
>
>The vulnerability was, of course, quite serious. The only way NAI dodged
>the bad publicity the bullet was by saying that no one was affected.
>
>Are you saying they lied? Can you prove your key was affected?
The key was/is on the key server publish well prior to the anouncement of
the bug, actually I believe I published it about a week after PGP 5.0 for
Linux was released.
You have the Key ID, grab it from the server. I know it was affected due
to a phone call I got at 3:00 am the morning after the bug was discovered.
when they looked through the key server for any key vulnerable.
Useride: khercs
0x149DCDDC
DH/DSS
4096/1024
10/18/1997
Never
IDEA
C2FC 876D 2D59 1710 7DA2 12FD 2948 FD98 149D CDDC
William Tiemann
<maxinux at openpgp.net> 0xE42A7FB1 http://www.openpgp.net
Key fingerprint = E4CA 2B4F 24FC B1BF E671 52D0 9E4B A590 E42A 7FB1
If crypto is outlawed only outlaws will have crypto.
More information about the Testlist
mailing list