On Wed, Jun 11, 2008 at 03:20:45PM -0700, Ivan Kohler wrote: > As a "past standard" key size, I believe it should be treated (for > blacklist purposes) as a standard key size, not as a non-standard key > size, and thus included in -blacklist instead of -blacklist-extra.
During the window when openssl was broken, openssh did not produce RSA-1024 keys. As a result, that blacklist is not being included in the default package. However, it is available in openssl-blacklist-extra. -- Kees Cook @outflux.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
