Suggestion: Deprecate SSH certificates and move to X.509 certificates

Peter Moody mindrot at
Fri May 25 13:58:48 AEST 2018

On Thu, May 24, 2018 at 8:36 PM, Yegor Ievlev <koops1997 at> wrote:

> SSH certificates provide no
> way to revoke compromised certificates,

this isn't true

> and SSH certificates haven't seen significant adoption,

this also isn't true.

enterprises love ssh certificates.

More information about the openssh-unix-dev mailing list