That's not a very good source, since it's only available to one person. On Fri, May 25, 2018 at 7:12 AM, Peter Moody <mindrot@xxxxxxxx> wrote: > On Thu, May 24, 2018 at 9:09 PM, Yegor Ievlev <koops1997@xxxxxxxxx> wrote: >> How can I revoke one SSH certificate without having to replace the >> root certificate and all certificates signed by it? > > there is no chaining of ssh certificates. > >> Regarding the second statement, do you have sources? > > yes. my day job. > >> On Fri, May 25, 2018 at 6:58 AM, Peter Moody <mindrot@xxxxxxxx> wrote: >>> On Thu, May 24, 2018 at 8:36 PM, Yegor Ievlev <koops1997@xxxxxxxxx> wrote: >>> >>>> SSH certificates provide no >>>> way to revoke compromised certificates, >>> >>> this isn't true >>> >>>> and SSH certificates haven't seen significant adoption, >>> >>> this also isn't true. >>> >>> enterprises love ssh certificates. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev