On 10/12/2011 09:59 PM, Mike McGrath wrote: > On Wed, 12 Oct 2011, Henrik Nordström wrote: > >> ons 2011-10-12 klockan 13:04 -0500 skrev Mike McGrath: >> >>> Lots of people use and share keys across different projects. >> >> There is no security issue in sharing kes across different projects, >> other than that it gives a strong hint that you are the same person in >> both projects, much stronger than name or email. >> > > Sorry I didn't explain it very well. > > 1) People share keys across different projects. > 2) We've found PRIVATE keys on our servers > 3) We have no reason to believe private keys that can authenticate to > Fedora weren't on some of the compromised systems we've heard so much > about.
4) There are indications for keys being shared between indivuals. Ralf -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
