Robert J. Hansen
rjh at sixdemonbag.org
Mon Jan 24 05:26:07 CET 2022
> Is this also used when generating symmetric keys? Or only used by secret
> key generation? If the last is the case, then existing keys generated on
> DOS (or Linux?) might be safe (apart from a possibly short key length).
Existing certificates would be unaffected, but since the CSPRNG is used
for all sorts of things in signatures and encryption, it absolutely
should not be used for anything more than reading old traffic.
More information about the Gnupg-users