Suggestion: Deprecate SSH certificates and move to X.509 certificates

[Damien Miller]

On Fri, 25 May 2018, Yegor Ievlev wrote:

> How can I revoke one SSH certificate without having to replace the
> root certificate and all certificates signed by it?
>
> Regarding the second statement, do you have sources?

Uber, Facebook, Google, Netflix, Lyft, Square, Asana and others are on
the record as using OpenSSH certificates (within a minute or two of
Googling).

Some of them have published their own CA clients/servers (inc. Peter).

-d