Y
Hacker News
new
|
ask
|
show
|
jobs
by
frutiger
3761 days ago
You can do SSH certificates that can sign and revoke keys. For some reason, most people assume TLS when you mention the word certificate. Read the CERTIFICATES section in ssh-keygen(1).
1 comments
creshal
3761 days ago
True, but you still need to build your own infrastructure to roll out the CA, vs. X.509, which is implicitly handled by all OSes.
link