=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/PROTOCOL.certkeys,v retrieving revision 1.11 retrieving revision 1.16 diff -u -r1.11 -r1.16 --- src/usr.bin/ssh/PROTOCOL.certkeys 2017/05/16 16:54:05 1.11 +++ src/usr.bin/ssh/PROTOCOL.certkeys 2018/10/26 01:23:03 1.16 @@ -25,6 +25,10 @@ acceptance of certified host keys, by adding a similar ability to specify CA keys in ~/.ssh/known_hosts. +All certificate types include certification information along with the +public key that is used to sign challenges. In OpenSSH, ssh-keygen +performs the CA signing operation. + Certified keys are represented using new key types: ssh-rsa-cert-v01@openssh.com @@ -32,11 +36,20 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com ecdsa-sha2-nistp384-cert-v01@openssh.com ecdsa-sha2-nistp521-cert-v01@openssh.com + ssh-ed25519-cert-v01@openssh.com -These include certification information along with the public key -that is used to sign challenges. ssh-keygen performs the CA signing -operation. +Two additional types exist for RSA certificates to force use of +SHA-2 signatures (SHA-256 and SHA-512 respectively): + rsa-sha2-256-cert-v01@openssh.com + rsa-sha2-512-cert-v01@openssh.com + +These RSA/SHA-2 types should not appear in keys at rest or transmitted +on their wire, but do appear in a SSH_MSG_KEXINIT's host-key algorithms +field or in the "public key algorithm name" field of a "publickey" +SSH_USERAUTH_REQUEST to indicate that the signature will use the +specified algorithm. + Protocol extensions ------------------- @@ -100,9 +113,9 @@ ECDSA certificate - string "ecdsa-sha2-nistp256-v01@openssh.com" | - "ecdsa-sha2-nistp384-v01@openssh.com" | - "ecdsa-sha2-nistp521-v01@openssh.com" + string "ecdsa-sha2-nistp256-cert-v01@openssh.com" | + "ecdsa-sha2-nistp384-cert-v01@openssh.com" | + "ecdsa-sha2-nistp521-cert-v01@openssh.com" string nonce string curve string public_key @@ -174,7 +187,7 @@ valid after <= current time < valid before -criticial options is a set of zero or more key options encoded as +critical options is a set of zero or more key options encoded as below. All such options are "critical" in the sense that an implementation must refuse to authorise a key that has an unrecognised option. @@ -224,6 +237,9 @@ "critical", if an implementation does not recognise a option then the validating party should refuse to accept the certificate. +Custom options should append the originating author or organisation's +domain name to the option name, e.g. "my-option@example.com". + No critical options are defined for host certificates at present. The supported user certificate options and the contents and structure of their data fields are: @@ -255,6 +271,9 @@ If an implementation does not recognise an extension, then it should ignore it. +Custom options should append the originating author or organisation's +domain name to the option name, e.g. "my-option@example.com". + No extensions are defined for host certificates at present. The supported user certificate extensions and the contents and structure of their data fields are: @@ -285,4 +304,4 @@ of this script will not be permitted if this option is not present. -$OpenBSD: PROTOCOL.certkeys,v 1.11 2017/05/16 16:54:05 djm Exp $ +$OpenBSD: PROTOCOL.certkeys,v 1.16 2018/10/26 01:23:03 djm Exp $