[Servercert-wg] SCXX Ballot - Debian Weak Keys (and related vulnerabilities)

Adriano Santoni adriano.santoni at staff.aruba.it
Fri Jun 10 11:20:23 UTC 2022

Might a third option be the tool developed by Hanno Boeck?


 From our point of view it's an effective tool.


Il 09/06/2022 15:18, Chris Kemmerer via Servercert-wg ha scritto:
> Suggested tools that CAs MAY use to obtain lists of Debian weak keys 
> include:
>   - https://github.com/CVE-2008-0166 provides a generator, for the 
> complete set of parameters listed above, that runs on any modern 
> 64-bit Linux system; it also provides complete sets of pregenerated 
> keys for the most common RSA key sizes.
>   - https://github.com/HARICA-official/debian-weak-keys provides a 
> generator, for a subset of the parameters listed above, that can take 
> advantage of a computer cluster.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20220610/dcd9ca1a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20220610/dcd9ca1a/attachment.p7s>

More information about the Servercert-wg mailing list