Implications of Debian OpenSSL flaw for MIT PKINIT
rra at stanford.edu
Thu May 15 12:00:41 EDT 2008
Ken Raeburn <raeburn at MIT.EDU> writes:
> On May 15, 2008, at 10:34, Russ Allbery wrote:
>> Based on that understanding, it looks to me like MIT Kerberos is not in
>> itself affected. Long-term key pairs used with PKINIT may be affected
>> if generated on an affected Debian system, but such generation is
>> external to MIT Kerberos.
>> Can you confirm whether my understanding is correct?
> I believe it is correct, yes.
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the krbdev