OpenSSL Security in Debian & Ubuntu since 2006
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Tue May 13 21:29:03 CEST 2008
hi,
thankyou Alan for your responsible reporting of this issue,
as anyone using FreeRADIUS with EAP-TLS etc will be using OpenSSL
anyone on any platform with a weak key method needs to know
this issue.
I note that various OpenSSL-using tools are being updated to detect
such weak keys - eg OpenVPN on ubuntu - and if they detect
them, they wont start (reporting a direct error about
such keys) - will FreeRADIUS also adopt this policy?
alan
More information about the Freeradius-Users
mailing list