[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] OpenSSL Advisory?
- Subject: Re: [cobalt-security] OpenSSL Advisory?
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Thu, 2 Oct 2003 01:14:00 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Eugene,
> The point is that SSH does not exchange x509 certificates. It has its
> own key exchange protocol. Probably(?) it is not ASN1 based.
Yeah. I've been reading the vendor reports on Bugtraq when they released
patches fpr this OpenSSL issue. The reports from SuSE and Debian (if I
remember correctly) give some ideas that OpenSSH is not affected.
--
With best regards,
Michael Stauber