Unless there are vigorous objections, the next build of Freenet will have allowInsecureSSKs set to default to false. What this means is that unless you change the option, you cannot access freesites or SSK/USK files inserted using insecure crypto, i.e. inserted with keys generated before 1010. However, at a network level they will remain, for now, as will CHKs, for now.
PLEASE migrate your freesites. If you particularly value a freesite which isn't your own, but isn't likely to be updated, migrate it yourself! You can always make clear that it's a mirror. The plan is for the next build (1035) to have allowInsecureSSKs=false, the one after it to have allowInsecureCHKs=false, and then for the code and the network-level support for insecure keys to be deleted some time later (on a scale of months probably). Code which only exists to replicate past insecurity for backwards compatibility's sake has no place in Freenet! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20070522/d68c7c12/attachment.pgp>
