Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: jfarschman on May 23, 2008, 04:25:02 PM

Title: 32,768 Keys in OpenSSL
Post by: jfarschman on May 23, 2008, 04:25:02 PM

http://www.technologyreview.com/Infotech/20801/

Apparently every key we have generate in the past couple of years has not been as random as we thought.  There were only 32,768 potential keys.

This is a good one because even after we upgrade the software we need to regenerate the keys as well.

 :sad:

Title: Re: 32,768 Keys in OpenSSL
Post by: Stefano on May 23, 2008, 04:27:09 PM

AFAIK it's a Debian (and *buntu) issue

in any case, this is OT in this forum

Ciao
Stefano

Title: Re: 32,768 Keys in OpenSSL
Post by: CharlieBrady on May 23, 2008, 04:27:54 PM

Quote from: jfarschman on May 23, 2008, 04:25:02 PM

http://www.technologyreview.com/Infotech/20801/

Apparently every key we have generate in the past couple of years has not been as random as we thought.

That's only true if you generated your keys on a Debian derived linux distro. SME server is not such a distro.

Title: Re: 32,768 Keys in OpenSSL
Post by: jfarschman on May 23, 2008, 07:02:34 PM

Thanks.  That article makes is sound like a much larger problem.