On Wed, 11 Jun 2008, Tollef Fog Heen wrote: > * Philip Hands > > | While this is initially for our (DSA's) benefit, in that it makes applying > | global changes easier, it's also for user's benefit. -- compare the > | effort required to ensure that there are no copies of a key (that was > | on a stolen laptop, say), on every debian host you _might_ have copied > | it to, to the effort of sending a single mail and knowing you're done. > > That's one way to look at it. For some of us, it means debian SSH > keys have to be handled specifically and not through $RCS update > through cron so it comes out as more, not less, work.
Oh yes. I was particularly fond of people who automatically restored compromised authorized_keys after I had moved them away. It made my life so much more interesting. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
