http://bugzilla.suse.com/show_bug.cgi?id=1081723 http://bugzilla.suse.com/show_bug.cgi?id=1081723#c4 --- Comment #4 from Bernhard Wiedemann <bwiedemann@suse.com> --- I guess, it is about this:

Generate a random per-message value k where 1 < k < q

With DSA, the entropy, secrecy, and uniqueness of the random signature value k are critical.

Implementing https://tools.ietf.org/html/rfc6979 should help to make results reproducible and make the signature even safer. We should probably involve upstream in that. Who does that? -- You are receiving this mail because: You are on the CC list for the bug.