Clarify how KRLs with multiple signatures are created

Jörn Heissler openssh-bugs at
Tue Aug 23 05:57:09 AEST 2022


When signing a KRL with multiple keys, it's somewhat unclear if signed data includes prior signatures.
My expectation would have been that signatures are created independent
of each other, but that's not the case.

For clarification, I'd like to suggest this patch to the documentation:

diff --git a/PROTOCOL.krl b/PROTOCOL.krl
index 115f80e5..bd0ffe6b 100644
--- a/PROTOCOL.krl
+++ b/PROTOCOL.krl
@@ -160,6 +160,7 @@ two string components instead of one.
 The signature is calculated over the entire KRL from the KRL_MAGIC
 to this subsection's "signature_key", including both and using the
 signature generation rules appropriate for the type of "signature_key".
+Prior signature sections are part of the signed data as well.
 This section must appear last in the KRL. If multiple signature sections
 appear, they must appear consecutively at the end of the KRL file.
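Review bot: the added line in this hunk restates what the preceding sentence already implies, since a range "from the KRL_MAGIC to this subsection's signature_key" necessarily covers any signature sections that precede this one, so a reader may wonder whether "as well" means something additional. Suggest folding it into that sentence so the point is explicit rather than additive, e.g. "including both (and therefore any signature sections preceding this one), and using the signature generation rules appropriate for the type of "signature_key"." Stating the verifier-side consequence in the same place (the n-th signature is checked over the KRL up to its own "signature_key", not over the unsigned body alone) would remove the ambiguity the message describes.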

n.b.: the code for creating signatures is implemented in ssh_krl_from_blob, but
ssh-keygen doesn't make use of it. So I assume signed KRLs are a little-used feature.

Jörn Heissler