[Cryptography] OpenSSL: rsa_builtin_keygen: key size too small

John Gilmore gnu at toad.com
Thu Dec 26 02:23:49 EST 2019


Ray Dillinger <bear at sonic.net> wrote:
> If you do get an openssl working that can produce a trivial RSA key,
> I'm pretty sure no other openssl in the world will consent to talk to
> it using that key.

Trying it with every possible IP address sounds like a fun way to get
a paper and a CVE.  We all know how well most software handles "things
that aren't supposed to happen".  Even if it doesn't catch modern openssl's,
there are lots of other implementations...

	John



More information about the cryptography mailing list