summaryrefslogtreecommitdiff
path: root/PROTOCOL.krl
AgeCommit message (Collapse)Author
2015-01-30upstream commitdjm@openbsd.org
permit KRLs that revoke certificates by serial number or key ID without scoping to a particular CA; ok markus@
2013-01-18 - djm@cvs.openbsd.org 2013/01/17 23:00:01Damien Miller
[auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5] [krl.c krl.h PROTOCOL.krl] add support for Key Revocation Lists (KRLs). These are a compact way to represent lists of revoked keys and certificates, taking as little as a single bit of incremental cost to revoke a certificate by serial number. KRLs are loaded via the existing RevokedKeys sshd_config option. feedback and ok markus@
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 07:44:19 +0000