On 21.05.2008 15:12, Ivan Krstić wrote: > On May 21, 2008, at 5:58 AM, Carl-Daniel Hailfinger wrote: >> OK, but then a statement from the user like "I never logged in anywhere >> from a Debian/Ubuntu system" should suffice to reenable the existing >> key. > > Given the trivial cost of generating a new RSA key and the high > fallibility of human memory, it's not at all unreasonable to err on > the side of caution as Chris has done.
So DSA is a no-go from now until the end of time? Chris Ball wrote: >>> Please mail [EMAIL PROTECTED] if you were using a DSA key that you >>> now need to replace. >>> I interpreted the statement above as "replace with a RSA or new DSA key". Ivan, you seem to interpret it as "replace with a RSA key". Since Chris wrote he disabled logins with DSA keys, I guess you're right. Thanks for clarifying. By the way, will remaining and new RSA keys be tested for bad randomness? Regards, Carl-Daniel _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel