On Wed, 12 Oct 2011 16:40:07 -0400 seth vidal <skvidal@xxxxxxxxxxxxxxxxx> wrote: > On Wed, 2011-10-12 at 22:34 +0200, Tomas Mraz wrote: > > Unnecessary work is kind of punishment. > > > > BTW what prevents the people who do not care about their SSH > > private key security to upload their new SSH key to a compromised > > system immediately after their generate it again? > > Nothing prevents them from doing it. But this action, here, today, is > trying to stave off risk from PAST compromises of others systems. It > is not trying to stave off FUTURE compromises. > > It's like changing your house locks if you lose your keys. Nothing > keeps you from losing your keys again - but you're completely certain > that the old keys are useless now. I for one am fairly certain that the folks who left their private keys on public systems will do that again, fairly quickly. I am also fairly certain that they are not following this debate. -- Bernd Stramm bernd.stramm@xxxxxxxxx -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
