| |||||||||||||
|
| |||||||||||||
Another update on Fedora infrastructureAnother update on Fedora infrastructurePosted Aug 19, 2008 9:01 UTC (Tue) by rvfh (subscriber, #31018)Parent article: Another update on Fedora infrastructure
Maybe they had a Debian-generated SSH key?
(Log in to post comments)
Another update on Fedora infrastructure Posted Aug 19, 2008 15:17 UTC (Tue) by jwb (guest, #15467) [Link] A new SSH key fingerprint could just mean that they reinstalled the operating system, or got a new machine and installed fresh on that.
Another update on Fedora infrastructure Posted Aug 19, 2008 18:58 UTC (Tue) by Los__D (subscriber, #15263) [Link] But... Why not move the key to the new system?
Another update on Fedora infrastructure Posted Aug 19, 2008 17:00 UTC (Tue) by corbet (editor, #1) [Link] Worthy of note for people speculating in this direction: in the whole password/key reset process that is going on now, they are prohibiting the uploading of DSA keys into Fedora servers.
Another update on Fedora infrastructure Posted Aug 19, 2008 17:07 UTC (Tue) by jwb (guest, #15467) [Link] Why would anyone use DSA keys anyway? They have serious flaws which the RSA system avoids. Notably, if you inadvertently sign something using your DSA key and a compromised PRNG, your key is revealed. The attraction of DSA keys seems to be simply that RSA was at one time patented. This seems like a silly reason today.
Another update on Fedora infrastructure Posted Aug 19, 2008 17:27 UTC (Tue) by tialaramex (subscriber, #21167) [Link] There's a diversity argument too. If everyone's infrastructure relies on RSA exclusively and then next week someone finds a serious problem in RSA then you've got a massive disaster. Which doesn't add up to an argument for DSA, but it does mean it's not enough to say "RSA is better, we'll just use that". We know that RSA is no /harder/ than the factorisation problem, but we don't have a proof that it isn't /easier/ perhaps /much easier/. We must have alternatives, maybe Elliptic Curve or maybe something quite different.
Another update on Fedora infrastructure Posted Aug 19, 2008 21:32 UTC (Tue) by danpb (subscriber, #4831) [Link] The prohibition on uploading new DSA keys is not a new change this week, but was actually introduced to FAS2 a couple of months ago now as per this ticket: https://fedorahosted.org/fedora-infrastructure/ticket/540
|
|
||||||||||||