version 1.11, 2017/05/16 16:54:05 |
version 1.14, 2018/04/10 00:10:49 |
|
|
|
|
ECDSA certificate |
ECDSA certificate |
|
|
string "ecdsa-sha2-nistp256-v01@openssh.com" | |
string "ecdsa-sha2-nistp256-cert-v01@openssh.com" | |
"ecdsa-sha2-nistp384-v01@openssh.com" | |
"ecdsa-sha2-nistp384-cert-v01@openssh.com" | |
"ecdsa-sha2-nistp521-v01@openssh.com" |
"ecdsa-sha2-nistp521-cert-v01@openssh.com" |
string nonce |
string nonce |
string curve |
string curve |
string public_key |
string public_key |
|
|
|
|
valid after <= current time < valid before |
valid after <= current time < valid before |
|
|
criticial options is a set of zero or more key options encoded as |
critical options is a set of zero or more key options encoded as |
below. All such options are "critical" in the sense that an implementation |
below. All such options are "critical" in the sense that an implementation |
must refuse to authorise a key that has an unrecognised option. |
must refuse to authorise a key that has an unrecognised option. |
|
|
|
|
"critical", if an implementation does not recognise a option |
"critical", if an implementation does not recognise a option |
then the validating party should refuse to accept the certificate. |
then the validating party should refuse to accept the certificate. |
|
|
|
Custom options should append the originating author or organisation's |
|
domain name to the option name, e.g. "my-option@example.com". |
|
|
No critical options are defined for host certificates at present. The |
No critical options are defined for host certificates at present. The |
supported user certificate options and the contents and structure of |
supported user certificate options and the contents and structure of |
their data fields are: |
their data fields are: |
|
|
|
|
If an implementation does not recognise an extension, then it should |
If an implementation does not recognise an extension, then it should |
ignore it. |
ignore it. |
|
|
|
Custom options should append the originating author or organisation's |
|
domain name to the option name, e.g. "my-option@example.com". |
|
|
No extensions are defined for host certificates at present. The |
No extensions are defined for host certificates at present. The |
supported user certificate extensions and the contents and structure of |
supported user certificate extensions and the contents and structure of |