Hello!
What should I have do? I use Debian for subca, rootca is working on
Fedora. I generated 400 cert on subca and distributed to clients.
Last week I saw message about openssl vulnerability in Debian:
"Luciano Bello discovered that the random number generator in Debian's
openssl package is predictable.  This is caused by an incorrect
Debian-specific change to the openssl package (CVE-2008-0166).  As a
result, cryptographic key material may be guessable."  I check certs
are Affected.  So in this way I must revoked all client 's certs and
subca cert in rootca. But i have a questions what about crl, where
client find crl if I revoced (and genetated new) subca cert. I would
like ask developers about way to find solution??
Macie

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft 
Defy all challenges. Microsoft(R) Visual Studio 2008. 
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to