[Servercert-wg] SCXX Ballot - Debian Weak Keys (and related vulnerabilities)
Adriano Santoni
adriano.santoni at staff.aruba.it
Fri Jun 10 11:20:23 UTC 2022
Might a third option be the tool developed by Hanno Boeck?
https://github.com/badkeys/badkeys
From our point of view it's an effective tool.
Adriano
Il 09/06/2022 15:18, Chris Kemmerer via Servercert-wg ha scritto:
> Suggested tools that CAs MAY use to obtain lists of Debian weak keys
> include:
>
> - https://github.com/CVE-2008-0166 provides a generator, for the
> complete set of parameters listed above, that runs on any modern
> 64-bit Linux system; it also provides complete sets of pregenerated
> keys for the most common RSA key sizes.
> - https://github.com/HARICA-official/debian-weak-keys provides a
> generator, for a subset of the parameters listed above, that can take
> advantage of a computer cluster.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20220610/dcd9ca1a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20220610/dcd9ca1a/attachment.p7s>
More information about the Servercert-wg
mailing list