summaryrefslogtreecommitdiff
path: root/PROTOCOL.certkeys
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2019-11-25 00:57:51 +0000
committerDamien Miller <djm@mindrot.org>2019-11-25 12:25:53 +1100
commit664deef95a2e770812533439b8bdd3f3c291ae59 (patch)
treeb9b60340a40c64d9a0b2f01de8b7f513b2cce6b9 /PROTOCOL.certkeys
parent26cb128b31efdd5395153f4943f5be3eddc07033 (diff)
upstream: document the "no-touch-required" certificate extension;
ok markus, feedback deraadt OpenBSD-Commit-ID: 47640122b13f825e9c404ea99803b2372246579d
Diffstat (limited to 'PROTOCOL.certkeys')
-rw-r--r--PROTOCOL.certkeys9
1 files changed, 8 insertions, 1 deletions
diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys
index 48338e671..1fce87006 100644
--- a/PROTOCOL.certkeys
+++ b/PROTOCOL.certkeys
@@ -280,6 +280,13 @@ their data fields are:
280 280
281Name Format Description 281Name Format Description
282----------------------------------------------------------------------------- 282-----------------------------------------------------------------------------
283no-presence-required empty Flag indicating that signatures made
284 with this certificate need not assert
285 user presence. This option only make
286 sense for the U2F/FIDO security key
287 types that support this feature in
288 their signature formats.
289
283permit-X11-forwarding empty Flag indicating that X11 forwarding 290permit-X11-forwarding empty Flag indicating that X11 forwarding
284 should be permitted. X11 forwarding will 291 should be permitted. X11 forwarding will
285 be refused if this option is absent. 292 be refused if this option is absent.
@@ -304,4 +311,4 @@ permit-user-rc empty Flag indicating that execution of
304 of this script will not be permitted if 311 of this script will not be permitted if
305 this option is not present. 312 this option is not present.
306 313
307$OpenBSD: PROTOCOL.certkeys,v 1.16 2018/10/26 01:23:03 djm Exp $ 314$OpenBSD: PROTOCOL.certkeys,v 1.17 2019/11/25 00:57:51 djm Exp $