Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Bernd Stramm
bernd.stramm at gmail.com
Thu Oct 13 18:29:55 UTC 2011
On Thu, 13 Oct 2011 10:39:03 -0700
Toshio Kuratomi <a.badger at gmail.com> wrote:
>...
> So what are our admins to do? 1) We could ignore the issue. We have
> a lot of contributors. Maybe we should just expect that some of
> their accounts are going to be compromised.
Not maybe. Certainly some of the accounts will be compromised.
> 2) We could require
> everyone to change keys.
And some time after that, some accounts will be compromised again. Some
of the same accounts as before, and some other accounts. Not maybe.
Certainly, 100%.
--
Bernd Stramm
bernd.stramm at gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20111013/166be5ea/attachment.bin
More information about the devel
mailing list