1 files changed, 12 insertions, 2 deletions

diff --git a/PROTOCOL.u2f b/PROTOCOL.u2f
index 823f53634..32bfa20f3 100644
--- a/PROTOCOL.u2f
+++ b/PROTOCOL.u2f
@@ -86,7 +86,7 @@ With a private half consisting of:
         string          "sk-ssh-ed25519@openssh.com"
         string          public key
         string          application (user-specified, but typically "ssh:")
-        uint32          flags
+        uint8           flags
         string          key_handle
         string          reserved
 
@@ -110,6 +110,8 @@ information to the public key:
         string          signature key
         string          signature
 
+and for security key ed25519 certificates:
+
         string          "sk-ssh-ed25519-cert-v01@openssh.com"
         string          nonce
         string          public key
@@ -126,6 +128,15 @@ information to the public key:
         string          signature key
         string          signature
 
+Both security key certificates use the following encoding for private keys:
+
+        string          type (e.g. "sk-ssh-ed25519-cert-v01@openssh.com")
+        string          pubkey (the above key/cert structure)
+        string          application
+        uint8           flags
+        string          key_handle
+        string          reserved
+
 During key generation, the hardware also returns attestation information
 that may be used to cryptographically prove that a given key is
 hardware-backed. Unfortunately, the protocol required for this proof is
@@ -188,7 +199,6 @@ For Ed25519 keys the signature is encoded as:
         byte            flags
         uint32          counter
 
-
 ssh-agent protocol extensions
 -----------------------------