| commit | f3747bf4014a450c9aaf1d88b010f6e579d10072 | [log] [download] |
|---|---|---|
| author | Damien Miller <djm@mindrot.org> | Fri Jan 18 11:44:04 2013 +1100 |
| committer | Damien Miller <djm@mindrot.org> | Fri Jan 18 11:44:04 2013 +1100 |
| tree | 0b1e1b497da13eb815e16a0f43be09e873e6a243 | |
| parent | b26699bbadaffa1b1de2f6b0e175b77aba337de5 [diff] |
- djm@cvs.openbsd.org 2013/01/17 23:00:01
[auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
[krl.c krl.h PROTOCOL.krl]
add support for Key Revocation Lists (KRLs). These are a compact way to
represent lists of revoked keys and certificates, taking as little as
a single bit of incremental cost to revoke a certificate by serial number.
KRLs are loaded via the existing RevokedKeys sshd_config option.
feedback and ok markus@