Suggestion: Deprecate SSH certificates and move to X.509 certificates

Yegor Ievlev koops1997 at
Fri May 25 15:35:39 AEST 2018

OpenSSH needs some mechanism to distribute signed revoked key lists to
all servers trusting this root CA.

On Fri, May 25, 2018 at 8:05 AM, Damien Miller <djm at> wrote:
> On Fri, 25 May 2018, Yegor Ievlev wrote:
>> Zero matches in both.
> You're referring to manual pages that we don't publish. I have no idea
> what version those are (they look old) or what modification the publisher
> has made along the way.
> Start here:

More information about the openssh-unix-dev mailing list