| version 1.6, 2023/07/17 03:57:21 |
version 1.7, 2023/07/17 04:01:10 |
|
|
| |
|
| 6. KRL signature sections |
6. KRL signature sections |
| |
|
| |
Note: KRL signatures are not supported by OpenSSH. OpenSSH >= 9.4 will |
| |
refuse to load KRLs that contain signatures. We recommend the use |
| |
of SSHSIG (`ssh-keygen -Y sign ...`) style signatures for KRLs instead. |
| |
|
| The KRL_SECTION_SIGNATURE section serves a different purpose to the |
The KRL_SECTION_SIGNATURE section serves a different purpose to the |
| preceding ones: to provide cryptographic authentication of a KRL that |
preceding ones: to provide cryptographic authentication of a KRL that |
| is retrieved over a channel that does not provide integrity protection. |
is retrieved over a channel that does not provide integrity protection. |
![[BACK]](/icons/back.gif){kind=icon}
Return to PROTOCOL.krl CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh