Thanks for your bug report and sorry for the delay in responding. Ubuntu (and Debian) have the most complete blacklists available in the openssl-blacklist and openssl-blacklist-extra packages (unless someone has released 8192 bit somewhere).
I ran openssl-vulnkey on the attached certificate, and it is not in the database. However, I did get the ssl cert from https://bad.codefromthe70s.org using:
$ openssl s_client -connect bad.codefromthe70s.org:443
then copied the certificate into a file. Running openssl-vulnkey on this file shows the certificate as compromised, and indeed, the cert from the website and the one supplied in this bug are different. I am therefore marking this bug as invalid. Please feel free to reopen if you have more information.
Thanks for your bug report and sorry for the delay in responding. Ubuntu (and Debian) have the most complete blacklists available in the openssl-blacklist and openssl- blacklist- extra packages (unless someone has released 8192 bit somewhere).
I ran openssl-vulnkey on the attached certificate, and it is not in the database. However, I did get the ssl cert from https:/ /bad.codefromth e70s.org using: 70s.org: 443
$ openssl s_client -connect bad.codefromthe
then copied the certificate into a file. Running openssl-vulnkey on this file shows the certificate as compromised, and indeed, the cert from the website and the one supplied in this bug are different. I am therefore marking this bug as invalid. Please feel free to reopen if you have more information.