Re: Misc development news (#8)
On Wed, 11 Jun 2008, Tollef Fog Heen wrote:
> * Philip Hands
> | While this is initially for our (DSA's) benefit, in that it makes applying
> | global changes easier, it's also for user's benefit. -- compare the
> | effort required to ensure that there are no copies of a key (that was
> | on a stolen laptop, say), on every debian host you _might_ have copied
> | it to, to the effort of sending a single mail and knowing you're done.
> That's one way to look at it. For some of us, it means debian SSH
> keys have to be handled specifically and not through $RCS update
> through cron so it comes out as more, not less, work.
Oh yes. I was particularly fond of people who automatically restored
compromised authorized_keys after I had moved them away. It made my
life so much more interesting.