Y
Hacker News
new
|
ask
|
show
|
jobs
by
Avamander
1147 days ago
I doubt e.g. OpenSSH would ever implement something like you describe though. They're seemingly very much against anything x509/WebPKI.
2 comments
ilc
1147 days ago
You imply OpenSSH is the place to do this work.
Given the protocol changes needed, it may be a new implementation. I actually expect it would be.
link
mvkg
1147 days ago
I believe section 7 of RFC 9000 would allow for the creation of a handshake protocol which could conform to SSH without the need for including x509.
link
tankenmate
1146 days ago
Thanks for the tip, wasn't aware of this.
link
Given the protocol changes needed, it may be a new implementation. I actually expect it would be.