Update of sr #110004 (project administration):

                  Status:                    None => Done                   
             Assigned to:                    None => rwp                    
             Open/Closed:                    Open => Closed                 


Follow-up Comment #1:

I am sorry you missed seeing our notifications!  Where should we have sent
those notifications so that you would have seen them?

Are you subscribed to the savannah-users mailing list?  That is a low volume
mailing list for Savannah users to discuss using Savannah.  Please subscribe
if you are not.  I think it is probably the best place to keep up with changes
and other happenings.  The deprecation of DSA keys was posted there at the
time of the change.


Do you look at the Savannah web home page?  The top news item on the home page
is still the deprecation warning of DSA keys.


Savannah has always recommended against using DSA keys due to the weakenesses
of them.  Here is the documentation on why they were advised against.  But has
previously accepted them anyway.


The upstream OpenSSH project is deprecating DSA keys.  As we upgrade the
systems we are simply following their lead and not re-enabling them.

  http://www.openssh.com/legacy.html "OpenSSH 7.0 and greater similarly
disable the ssh-dss (DSA) public key algorithm.  It too is weak and we
recommend against its use."

At this moment the cvs system is running a newer version of the OS which
includes OpenSSH 7.4p1 while the git system is still running the older OS
version with OpenSSH 6.6.1p1 but it will also be upgraded at some point in the
near future.


Reply to this item at:


  Message sent via Savannah

Reply via email to