Commit Graph

4 Commits

Author SHA1 Message Date
djm@openbsd.org
9405c6214f upstream: allow key revocation by SHA256 hash and allow ssh-keygen
to create KRLs using SHA256/base64 key fingerprints; ok markus@

OpenBSD-Commit-ID: a0590fd34e7f1141f2873ab3acc57442560e6a94
2018-09-12 16:49:21 +10:00
djm@openbsd.org
001aa55484 upstream: lots of typos in comments/docs. Patch from Karsten Weiss
after checking with codespell tool
(https://github.com/lucasdemarchi/codespell)

OpenBSD-Commit-ID: 373222f12d7ab606598a2d36840c60be93568528
2018-04-10 10:17:15 +10:00
djm@openbsd.org
669aee9943 upstream commit
permit KRLs that revoke certificates by serial number or
 key ID without scoping to a particular CA; ok markus@
2015-01-30 12:17:07 +11:00
Damien Miller
f3747bf401 - djm@cvs.openbsd.org 2013/01/17 23:00:01
[auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
     [krl.c krl.h PROTOCOL.krl]
     add support for Key Revocation Lists (KRLs). These are a compact way to
     represent lists of revoked keys and certificates, taking as little as
     a single bit of incremental cost to revoke a certificate by serial number.
     KRLs are loaded via the existing RevokedKeys sshd_config option.
     feedback and ok markus@
2013-01-18 11:44:04 +11:00