On Mon, 2011-09-12 at 12:01 -0400, Adam M. Dutko wrote: > I think a "security event driven" change policy would be more > effective than an arbitrary change policy driven by a deadline. > > LinuxCode asked me about this in #fedora-noc after I mentioned: > > "... there is conflicting evidence (one might call it 'opinion' more > than evidence) as to whether frequent changes are effective ... just a > thought" > > The article that precipitated this comment was one published by Bruce > Schneier [0]. Again, this is "yet another opinion." > > I'm not arguing about the efficacy of frequent changes. Nor am I recommending we do it often. I'm saying right now, here, today, we force a change. Not once a month Not once every 3 months Not at any fixed schedule. Not on a boat Not with a goat. -sv _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
