[openssh-commits] [openssh] 01/01: upstream: correct extension name "no-presence-required" =>

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Jun 4 14:05:43 AEST 2021


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 60107677dc0ce1e93c61f23c433ad54687fcd9f5
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Jun 4 04:02:21 2021 +0000

    upstream: correct extension name "no-presence-required" =>
    
    "no-touch-required"
    
    document "verify-required" option
    
    OpenBSD-Commit-ID: 1879ff4062cf61d79b515e433aff0bf49a6c55c5
---
 PROTOCOL.certkeys | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys
index 1fce8700..5b0cc2ce 100644
--- a/PROTOCOL.certkeys
+++ b/PROTOCOL.certkeys
@@ -260,6 +260,14 @@ source-address          string        Comma-separated list of source addresses
                                       certificates may be presented from any
                                       source address.
 
+verify-required         empty         Flag indicating that signatures made
+                                      with this certificate must assert FIDO
+                                      user verification (e.g. PIN or
+                                      biometric). This option only make sense
+                                      for the U2F/FIDO security key types that
+                                      support this feature in their signature
+                                      formats.
+
 Extensions
 ----------
 
@@ -280,11 +288,11 @@ their data fields are:
 
 Name                    Format        Description
 -----------------------------------------------------------------------------
-no-presence-required    empty         Flag indicating that signatures made
+no-touch-required       empty         Flag indicating that signatures made
                                       with this certificate need not assert
-                                      user presence. This option only make
-                                      sense for the U2F/FIDO security key
-                                      types that support this feature in
+                                      FIDO user presence. This option only
+                                      make sense for the U2F/FIDO security
+                                      key types that support this feature in
                                       their signature formats.
 
 permit-X11-forwarding   empty         Flag indicating that X11 forwarding
@@ -311,4 +319,4 @@ permit-user-rc          empty         Flag indicating that execution of
                                       of this script will not be permitted if
                                       this option is not present.
 
-$OpenBSD: PROTOCOL.certkeys,v 1.17 2019/11/25 00:57:51 djm Exp $
+$OpenBSD: PROTOCOL.certkeys,v 1.18 2021/06/04 04:02:21 djm Exp $

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list