[906] in WWW Security List Archive
Re: What's the netscape problem
daemon@ATHENA.MIT.EDU (Donald E. Eastlake 3rd)
Fri Sep 22 12:26:10 1995
Date: Fri, 22 Sep 1995 09:05:41 -0400 (EDT)
From: "Donald E. Eastlake 3rd" <dee@cybercash.com>
To: Bob Denny <rdenny@netcom.com>
Cc: www-security@ns2.rutgers.edu
In-Reply-To: <9509211024.ZM918@solo.dc3.com>
Errors-To: owner-www-security@ns2.rutgers.edu
On Wed, 20 Sep 1995, Bob Denny wrote:
> My God... They couldn't have been _that_ sloppy. I feel fairly certain that
> they used the RSA BSAFE library, and hopefully the RNG that comes with it, for
> the RSA keypair generation. But maybe they didn't seed it carefully either.
The whole Netscape problem was poor seeding.
> ...
> -- Bob
Donald
=====================================================================
Donald E. Eastlake 3rd +1 508-287-4877(tel) dee@cybercash.com
318 Acton Street +1 508-371-7148(fax) dee@world.std.com
Carlisle, MA 01741 USA +1 703-620-4200(main office, Reston, VA)
