[OTR-dev] .... dev response to question...

Ian Goldberg ian at cypherpunks.ca
Thu Oct 2 11:11:40 EDT 2008


On Wed, Oct 01, 2008 at 08:51:14PM +0200, Kjell Braden wrote:
> spamtester spamtester wrote:
> > RE DEBIAN FALL OUT OF LIBSSL - Is it the case that otr uses openssl .... - i
> > see that i have a dsa key as my private key. So, then shouldn't it be so
> > that a tool to id the weak keys and blacklist them be published ?
> > This is long over due if this is the case.
> 
> AFAIK, libotr uses libgcrypt for it's cryptographic functions and is
> therefore not vulnerable.

That is correct.

   - Ian



More information about the OTR-dev mailing list