author: naddy@openbsd.org <naddy@openbsd.org> 2019-12-20 20:28:55 +0000
committer: Damien Miller <djm@mindrot.org> 2019-12-21 13:22:07 +1100
commit: 416f15372bfb5be1709a0ad1d00ef5d8ebfb9e0e
tree: dc9ba4c764e701a02dea6ae1726c5c22f28abdda /PROTOCOL.u2f
parent: 68010acbcfe36167b3eece3115f3a502535f80df
upstream: SSH U2F keys can now be used as host keys. Fix a garden
path sentence. ok markus@

OpenBSD-Commit-ID: 67d7971ca1a020acd6c151426c54bd29d784bd6b
Diffstat (limited to 'PROTOCOL.u2f')
-rw-r--r--  PROTOCOL.u2f  6
1 files changed, 1 insertions, 5 deletions
diff --git a/PROTOCOL.u2f b/PROTOCOL.u2f
index 066d09951..61b70d6ef 100644
--- a/PROTOCOL.u2f
+++ b/PROTOCOL.u2f
@@ -37,7 +37,7 @@ hardware, thus requiring little on-device storage for an effectively
37unlimited number of supported keys. This drives the requirement that 37unlimited number of supported keys. This drives the requirement that
38the key handle be supplied for each signature operation. U2F tokens 38the key handle be supplied for each signature operation. U2F tokens
39primarily use ECDSA signatures in the NIST-P256 field, though the FIDO2 39primarily use ECDSA signatures in the NIST-P256 field, though the FIDO2
40standard specified additional key types include one based on Ed25519. 40standard specifies additional key types, including one based on Ed25519.
41 41
42SSH U2F Key formats 42SSH U2F Key formats
43------------------- 43-------------------
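Review bot: the wording change on line 40 ("specifies additional key types, including one based on Ed25519") reads correctly, but the unchanged context on line 39 still says ECDSA signatures are made "in the NIST-P256 field"; ECDSA operates over the P-256 elliptic curve group, and the field is only the curve's underlying prime field, so "on the NIST P-256 curve" would be the accurate phrasing while this paragraph is being touched.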
@@ -49,10 +49,6 @@ OpenSSH integrates U2F as new key and corresponding certificate types:
49 sk-ssh-ed25519@openssh.com 49 sk-ssh-ed25519@openssh.com
50 sk-ssh-ed25519-cert-v01@openssh.com 50 sk-ssh-ed25519-cert-v01@openssh.com
51 51
52These key types are supported only for user authentication with the
53"publickey" method. They are not used for host-based user authentication
54or server host key authentication.
55
56While each uses ecdsa-sha256-nistp256 as the underlying signature primitive, 52While each uses ecdsa-sha256-nistp256 as the underlying signature primitive,
57keys require extra information in the public and private keys, and in 53keys require extra information in the public and private keys, and in
58the signature object itself. As such they cannot be made compatible with 54the signature object itself. As such they cannot be made compatible with
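Review bot: deleting lines 52-54 removes the only statement about where these key types may be used without saying what replaces it; since the commit message says U2F keys can now be used as host keys, a sentence stating that (and whether host-based user authentication is also covered) would keep the document explicit rather than silent on the point. Separately, the retained context line 52/56 names the primitive "ecdsa-sha256-nistp256", but the SSH algorithm identifier defined in RFC 5656 is "ecdsa-sha2-nistp256", and with sk-ssh-ed25519@openssh.com listed just above, "each uses" that primitive is no longer true for the Ed25519 variants; both are worth fixing in the same pass.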