jschauma, 15 days ago On the topic of "key rotation, it's not just for HTTPS", @hanno finds hundreds of DKIM keys apparently generated using the #Debian #OpenSSL predictable PRNG vulenrability from 2008 (CVE-2008-0166): https://16years.secvuln.info/ (And yes, #BIMI is still stupid.)
On the topic of "key rotation, it's not just for HTTPS", @hanno finds hundreds of DKIM keys apparently generated using the #Debian #OpenSSL predictable PRNG vulenrability from 2008 (CVE-2008-0166):
https://16years.secvuln.info/
(And yes, #BIMI is still stupid.)