i'm an Infra n00b, but definitely +1 out of good practice. On Thu, Sep 29, 2011 at 3:21 PM, Stephen Gallagher <sgallagh@xxxxxxxxxx> wrote: > On Thu, 2011-09-29 at 15:16 -0400, seth vidal wrote: >> Hi, >> >> I'd like to put a new policy in place which goes something like this: >> >> If you upload your private keys (encrypted or not) we will remove them, >> then we will remove your public keys from FAS and force you to login and >> give a new one in FAS. >> >> We do the last step on the basis that your private key, being on a >> networked, multi-user machine is now exposed to the world and >> potentially compromised. So we can no longer trust it. >> >> thoughts? > > +1 > > > _______________________________________________ > infrastructure mailing list > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/infrastructure >
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iEYEABECAAYFAk6Ex0sACgkQJpuv2DHZ/HrNyACgl9OgeUdU7SLMkGyWjhrL1Et2 1EoAn1yTmWyFWJ2NIQBl0xDIMO4VbZ+X =xdYy -----END PGP SIGNATURE-----
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
