[Bug 2799] RSA Signatures using SHA2 provided by different ssh-agent are not properly verified
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Fri Dec 8 22:18:53 AEDT 2017
https://bugzilla.mindrot.org/show_bug.cgi?id=2799
--- Comment #6 from Jakub Jelen <jjelen at redhat.com> ---
Thank you for the updating the patch on the rough edges. Yes, I did not
think about certificates. It would certainly make sense to have
certificates that are also enforcing SHA2 these days. I don't think,
there is other way than defining new ones, such as
ssh-rsa-shaXXX-cert-v01 at openssh.com
The changes look good to me.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list