Hi, Given this issue in openssl [0] , I think the issue of software errors helping retrieve an RSA key seems less and less foreign. Given its repercussions if such an issue exists (RSA private keys can be retrieved) would it make sense to have a bug fix release with that?
regards, Nikos [0]. https://blog.fuzzing-project.org/31-Fuzzing-Math-miscalculations-in-OpenSSLs-BN_mod_exp-CVE-2015-3193.html _______________________________________________ nettle-bugs mailing list [email protected] http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
