Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30

Bernd Stramm bernd.stramm at
Thu Oct 13 18:29:55 UTC 2011

On Thu, 13 Oct 2011 10:39:03 -0700
Toshio Kuratomi <a.badger at> wrote:

> So what are our admins to do?  1) We could ignore the issue.  We have
> a lot of contributors.  Maybe we should just expect that some of
> their accounts are going to be compromised.  

Not maybe. Certainly some of the accounts will be compromised. 

> 2) We could require
> everyone to change keys. 

And some time after that, some accounts will be compromised again. Some
of the same accounts as before, and some other accounts. Not maybe.
Certainly, 100%.

Bernd Stramm
bernd.stramm at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
Url : 

More information about the devel mailing list