On Fri, May 30, 2014 at 12:50 PM, Bill Ricker <bill.n1...@gmail.com> wrote: > two minor corrigenda - > * I'd read earlier the new binaries are signed with a new signing key, but > that it was provisioned from same CA previously used, prior to the fraca, > because old key was expiring, so not particularly suspicious, but rather > best practice. (One might like to see the new key signed with the old but > who remembers to do that.)
Anybody who cares about security? This seems very odd to me. Why bother to get a new key if you are going to just stop using it soon anyway? The fact that is from the same CA means not much more then the check cleared. Bill Bogstad _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
