RSA and DSA - misconceptions and usefull information

This post is nothing new, for some it might be. At least I consider it important enough to re-publish this information for those fiddling with RSA / DSA and keys that were used to generate affected by the openssl debian fiasco.

Must read:

• RSA public keys are not private
  Why : Secure auto-updates and why to use a block cipher prior to signing than to use RSA to encrypt and sign.
  
• RSA public keys are not private (implementation)
  Why : Learn that when using n with signatures, it NEVER CAN be kept secret. Why choosing RSA to sign and encrypt auto updates is wrong.
• The Debian PGP disaster that almost was
  Why : Learn that you should consider all your DSA keys (the keys themselves) compromised if you generated signatures using the vulnerable debian openssl version at any time. I am not sure everybody got this.