ROCA detection in GnuPG
gniibe at fsij.org
Tue Oct 17 12:45:01 CEST 2017
Werner Koch <wk at gnupg.org> writes:
> I wondered on how to best implement this in GnuPG: We have no central
> place to test _public_ keys and thus a check needs to be implemented in
> gpgsm, and gpg. I expect that OpenSSH will provide a tool to check ssh
> public keys, thus there is no need for us to do that in gpg-agent.
In case of the Debian SSH problem, it was Colin Watson who added
ssh-vulnkey to openssh source package in Debian.
It was dropped in 1:6.5p1-1. The discussion of dropping ssh-vulnkey can
be found here:
So, I'm not sure if OpenSSH will provide a tool.
More information about the Gnupg-devel