Is this also used when generating symmetric keys? Or only used by secret key generation? If the last is the case, then existing keys generated on DOS (or Linux?) might be safe (apart from a possibly short key length).
Existing certificates would be unaffected, but since the CSPRNG is used for all sorts of things in signatures and encryption, it absolutely should not be used for anything more than reading old traffic.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
