On 2016-10-08 at 19:11 -0400, Phil Pennock wrote:
> Those who follow cryptographic news may have already seen concerns
[...]
> 1. Good OS packagers generated new DH parameters on your system, and
> still do so;
When I wrote that, I was specifically thinking of the Debian maintainers
who set that up and work well with the Exim maintainers to ensure that
both sides are best helping our users.
In fact verification before sending, I saw that in fact the Debian
maintainers switched to depending upon the logic which _I_ wrote for
Exim, to use the RFC 5114 primes. Which led to:
> 5. Debian (and thus Ubuntu) stopped configuring packages to use custom
> DH parameters,
Oww. I am sorry. I did not mean to construct something which implied
that Debian is not a good packager. The opposite was my intent.
I missed something in editing. My position is simple: I screwed over
the Debian package maintainers of Exim, by accident. And now I just
insulted them by accident.
I'm going to step away from the keyboard for the evening before I
accidentally start a million-post flamewar and the collapse of a small
nation.
Regards, and apologies,
- -Phil
