On Wed, May 14, 2008 at 9:31 AM, Simetrical
<Simetrical+wikilist(a)gmail.com> wrote:
But the keys that some people use to log in may be
compromised, if
they were created on a vulnerable OpenSSL version not on the
toolserver. Given that Brion disabled some people's commit keys, I
take it that it's possible to tell whether a key is compromised just
by examining the public key. Do you plan to do that, or allow people
with compromised keys to continue to log in? Or is that a false
dilemma?
Yeah, this post was at least 40 minutes too late. Serves me right for
reading my mail in chronological order. Never mind. :)