sbp opened a new pull request, #690: URL: https://github.com/apache/tooling-trusted-releases/pull/690
Alternative to #689 to solve #677. Already discussed with @alitheg. The idea of this PR is that we use the common subset of the `asyncssh` defaults (the algorithms that the code we use supports) and the ones recommended by [`ssh-audit`](https://github.com/jtesta/ssh-audit) (an SSH security audit tool). These are the best recommendations that I could find encoded in Python. We could track some national standards instead, for example, but those tend to use unsafe curves, and we'd have to do it manually. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
