Signing KRLs?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi!

While reading through PROTOCOL.krl I came across "5. KRL signature sections".

If my understanding is correct - and that's basically what I would like to
get knocked down for if appropriate ;) - this is a way for SSHDs to ensure
they only accept KRLs signed by a trusted CA.

However, I cannot seem to find a way to actually _sign_ a KRL with ssh-keygen?
The aforementioned PROTOCOL.krl says that KRL_SECTION_SIGNATURE is optional in
the file structure, so am I right to assume that ssh-keygen simply does not 
implement the signing of KRLs (yet)? Or do I need to use some other tool I have
overlooked?

Thanks a lot in advance.

Cheers,
Daniel


-- 
Daniel Schneller
ds@xxxxxxxxxxxxxxxxxxx
Twitter: @dschneller
http://www.danielschneller.com - Java, iOS, Mac, Windows, Linux and other insanities.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux