On Thu, Sep 29, 2011 at 13:16, seth vidal <skvidal@xxxxxxxxxxxxxxxxx> wrote: > Hi, > > I'd like to put a new policy in place which goes something like this: > > If you upload your private keys (encrypted or not) we will remove them, > then we will remove your public keys from FAS and force you to login and > give a new one in FAS. > > We do the last step on the basis that your private key, being on a > networked, multi-user machine is now exposed to the world and > potentially compromised. So we can no longer trust it. > > thoughts? +1 since publishing their private keys on a web page is probably not allowed. > Thanks, > -sv > > > > _______________________________________________ > infrastructure mailing list > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/infrastructure > -- Stephen J Smoogen. "The core skill of innovators is error recovery, not failure avoidance." Randy Nelson, President of Pixar University. "Let us be kind, one to another, for most of us are fighting a hard battle." -- Ian MacLaren _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
