On 26 Dec, Kris Kennaway wrote:
> On Mon, Dec 25, 2000 at 09:27:49PM -0800, David O'Brien wrote:
>> On Mon, Dec 25, 2000 at 08:29:01PM -0800, Kris Kennaway wrote:
>> >
>> > Umm, are you actually talking about real incidents here, or just
>> > spreading FUD?
>>
>> REAL incidents. Please remember I've been a committer longer you have.
>
>>.........[TRIMMED]...........
>
> Since you insist, please check the following message IDs which contain
> PGP signed confirmations of the changed keys. The freefall one
> especially was just a mixup in timing, not an oversight or gap in
> policy:
>
> Message-Id: <[EMAIL PROTECTED]>
> Message-Id: <[EMAIL PROTECTED]>
> Message-ID: <[EMAIL PROTECTED]>
>
> So I say again, please stop spreading FUD and making it sound like
> FreeBSD admins routinely change SSH keys without warning or
> confirmation. It has happened once in the last year, and the new key
> was authoritatively confirmed very quickly thereafter.
>
Wait. If what David says is correct and what Kris says is correct,
then I guess the next question is: What is the policy when
a "commiter" reports this type of schenario?
My guess is that such a situation would not be ignored, and
as such, any commiter encountering such a situation should
report the incident immediately. This should be the policy
for if what I've read and heard about SSH is true, then
what David is saying merits a policy and investigation
by the SO.
If it is FUD as you claim, then the call should be made
by the SO. This would seem to be prudent policy.
Lastly, I'm not here to question policy, just report on
it.
respectfully,
Jessem.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
