Thu Mar 22 08:46:04 2001
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "LS" == L Sassaman <firstname.lastname@example.org> writes:
LS> I miss-spoke. You are right about key ring formats, but this
LS> bug has nothing to do with the key ring.
LS> It has to do with how the secret key is encrypted, and that
LS> *is* covered by OpenPGP.
You are absolutely and completely correct, and I bow down in awe. I
was wrong, wrong, wrong.
If the sploit uses the fields in section 22.214.171.124. of RFC 2440, -and-
if GPG uses that format for storing secret keys, then I guess GPG
would also be vulnerable.
Completely shutting up now,
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
-----END PGP SIGNATURE-----