On Fri, 22 Aug 2008 18:59:24 +0530, "Rahul Sundaram"
<sundaram(a)fedoraproject.org> said:
Jeffrey Tadlock wrote:
> I would agree with removing the speculation and guesses, including
> removing the Debian thing. The DSA vs. RSA bit has some relevance as
> Fedora Contributors are needing to re-upload their SSH keys to FAS and
> DSA keys are no longer accepted to my knowledge.
Yes, however this happened sometime *before* the incident.
Great prompt feedback from everyone. Please feel free to snip out
anything deemed non-useful. I'm afraid I'm out of the loop for a few
hours, so have at it. I kind of agree with the comments arguing that
the current presentation may be muddying the waters a bit. My thinking
(while knowing nothing) was to try to get a rough historical context of
both how this incident progressed *publically* and also how other
projects have been compromised in the past. Perhaps not appropriate. So
please, slash away as desired.
Thanks to all for the rapid, smart responses
--
Oisin Feeley
http://fedoraproject.org/wiki/OisinFeeley