We should list all of the SSH key fingerprints on an ssl'd website so that people can verify before logging into a new machine. Especially true for "public" machines such as cvs, fedorahosted, etc
This is now for the most part done...
https://admin.fedoraproject.org/fingerprints
Login to comment on this ticket.