On Thu, May 24, 2018 at 9:09 PM, Yegor Ievlev <koops1997@xxxxxxxxx> wrote: > How can I revoke one SSH certificate without having to replace the > root certificate and all certificates signed by it? there is no chaining of ssh certificates. > Regarding the second statement, do you have sources? yes. my day job. > On Fri, May 25, 2018 at 6:58 AM, Peter Moody <mindrot@xxxxxxxx> wrote: >> On Thu, May 24, 2018 at 8:36 PM, Yegor Ievlev <koops1997@xxxxxxxxx> wrote: >> >>> SSH certificates provide no >>> way to revoke compromised certificates, >> >> this isn't true >> >>> and SSH certificates haven't seen significant adoption, >> >> this also isn't true. >> >> enterprises love ssh certificates. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev