I was doing a 'CVS update' from the IETF LAN, when I got rather nervous 
-- there have been active attacks on the wireless LAN there in the 
past.  I switched my CVS access to use ssh, but I ran into another 
issue:  I have no way of knowing that I got to the right place, because 
I don't know what the key fingerprints should be.  It would be nice if 
the repositories would publish the fingerprints for all of their SSH 
public keys.

		--Steve Bellovin, http://www.research.att.com/~smb
		Full text of "Firewalls" book now at http://www.wilyhacker.com