git.freedesktop.org IP change?
Daniel Stone
daniel at fooishbar.org
Fri May 16 03:40:18 PDT 2008
On Fri, May 16, 2008 at 11:41:03AM +0200, Matthieu Herrb wrote:
> Matthias Hopf wrote:
> > On May 16, 08 00:50:51 -0400, Dan Phung wrote:
> >> There was an ssh vulnerability that forced everbody to regenerate
> >> their ssh keys...that's probably the reason...
> >
> > Everybody running Debian, strictly speaking.
> > Other distros are not affected IIRC.
>
> Other non-debian based distros are not affected, but DSA keys can be,
> even if they were generated on other systems: if a DSA key was used to
> authenticate against a vulnerable (thus potentially compromised) server,
> this key should be considered as compromised too.
For this reason, we're point-blank not taking any more DSA keys. When
we come back, our requirements will match Debian's exactly: RSA (not
RSA1), key length greater than 1024 bits.
Cheers,
Daniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.x.org/archives/xorg/attachments/20080516/887782fa/attachment.pgp>
More information about the xorg
mailing list