Bug#475194: D-H parameter generation is All Wrong
Florian Weimer
fw at deneb.enyo.de
Fri Apr 11 09:34:04 UTC 2008
> I assume you're referring to the recommendations in section 39.3 of
> spec.txt? That places (really secret) RSA key material in the same file.
> Which nicely explains the otherwise perplexing permission bits.
>
> But can you briefly explain the purpose of the RSA secret key there, and
> why it is not included in the Debian package? Is it used for encryption,
> signing, or both?
It's used for RSA_EXPORT support. We've already removed that because
it's completely unnecessary in practice.
More information about the Pkg-exim4-maintainers
mailing list