On Wed, 2011-10-12 at 14:16 -0400, Simo Sorce wrote: > Storing a public key is not an issue, so the fact I use my key with > different projects has absolutely no bearing on my exposure, zero, > zilch. Unless I store my *private* keys on non-personal machines.
I rather suspect this is exactly what happened in some of the compromises. (Note the other recent FAS security notification, which specifically told people not to store their private keys on fedorapeople and said that any found on fedorapeople would be automatically deleted. I wonder what could *possibly* be the motivation for such a move to happen. Right at this particular point in history.) -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
