<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><a href="https://crocs.fi.muni.cz/public/papers/rsa_ccs17">https://crocs.fi.muni.cz/public/papers/rsa_ccs17</a><div></div><div><br></div><div><span style="background-color: rgba(255, 255, 255, 0);">“A newly discovered vulnerability in generation of RSA keys used by a software library adopted in cryptographic smartcards, security tokens and other secure hardware chips manufactured by Infineon Technologies AG ... Assess your keys now with the provided <a href="https://crocs.fi.muni.cz/public/papers/rsa_ccs17#detection_tools_mitigation_and_workarounds" class="urlextern" target="_blank" title="https://crocs.fi.muni.cz/public/papers/rsa_ccs17#detection_tools_mitigation_and_workarounds" rel="nofollow noopener" style="box-sizing: border-box; text-decoration: none; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px !important; background-image: none !important;">offline and online detection tools</a> and contact your vendor if you are affected.”</span></div><div><span style="background-color: rgba(255, 255, 255, 0);"><br></span></div><div><span style="background-color: rgba(255, 255, 255, 0);">It sounds like for CAs, the remediation is to implement the detection tool as a pre-check before issuing a certificate, and then start on the process of checking existing certificates for the flaw.</span></div></body></html>