[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS,
From: |
Florian Weimer |
Subject: |
Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel |
Date: |
Wed, 12 Jul 2006 12:51:15 +0200 |
* Nikos Mavrogiannopoulos:
>> I would be surprised if RSA_EXPORT support is needed at all. I don't
>> see it in my mail server logs, and don't you need a special server
>> certificate to enable it anyway?
>
> The only requirement is for the server certificate to be able to be used
> for signing.
I don't think this is correct; the certificate issuer must come from
certain well-known CAs which allow upgrading to a better security
level. If you don't need interoperability with crippled clients,
you'd use RSA instead of RSA_EXPORT in the first place.
> Indeed. But in the versions of linux used, they depleted the same pool,
> thus again /dev/random was blocked.
But on a typical GNU/Linux system, no periodic tasks read from
/dev/random, so it doesn't matter if the pool has been depleted or
not. And the process which generates the key parameters for Exim
would not block, either.
--
Florian Weimer <address@hidden>
BFK edv-consulting GmbH http://www.bfk.de/
Durlacher Allee 47 tel: +49-721-96201-1
D-76131 Karlsruhe fax: +49-721-96201-99
- [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, (continued)
- [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Simon Josefsson, 2006/07/06
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/06
- [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Jeremiah Foster, 2006/07/06
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/06
- [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Simon Josefsson, 2006/07/06
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/06
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Florian Weimer, 2006/07/07
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/08
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel,
Florian Weimer <=