On 17 February 2015 at 13:15, Ed Maste <ema...@freebsd.org> wrote: > > One other point - this only applies to keys generated while running on > a kernel in that range. If you previously generated keys and then > upgraded to r273872 or later there's no concern with respect to key > randomness from this issue.
One further followup, it's been pointed out that a lack of entropy can leak DSA private key material. See for example: http://rdist.root.org/2010/11/19/dsa-requirements-for-random-k-value/ https://www.imperialviolet.org/2013/06/15/suddendeathentropy.html In other words, an existing key does not become less random as a result of this flaw (which is the point I was trying to make), but it the flaw could cause it to be exposed. _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"