Quoting Francesco P. Lovergine (2013-03-08 23:47:02) > On Thu, Mar 07, 2013 at 07:32:32PM +0100, Jonas Smedegaard wrote: > > Quoting Debian Bug Tracking System (2013-03-07 14:51:03) > > > #671063: proftpd-basic: should renew dhparams.pem file (last > > > #updated > > > on 2008-09-07) > > > > [snip] > > > > > * New upstream pre-releaese. > > > (closes: #671063) > > > > Could you please elaborate on how more spefically this has been > > fixed? > > > > Do perhaps upstream now generate certificates during build, as I > > suggested? > > > > Yes, on January. > > > If they maybe simply ship with fresh prebuilt files, has any > > mechanism been put into place to ensure it does not silently bitrot > > again? > > > > Or put differently: Has this really been _fixed_ or only poked at? > > > > A proper fix is only regenerating it on regular basis. It is out of > question doing that at every build, the process is too much intensive. > Note that AFAIK it has the same role of moduli in openssh-client, > generated in 2011 last time. Also it can be overriden by the admin as > documented.
Thanks. :-) - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
