https://bugzilla.mindrot.org/show_bug.cgi?id=3748
Damien Miller <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3894|0 |1 is obsolete| | --- Comment #15 from Damien Miller <[email protected]> --- Created attachment 3922 --> https://bugzilla.mindrot.org/attachment.cgi?id=3922&action=edit accept webauthn signatures by default I don't think the changes to sshkey_check_sigtype() are correct. Implicitly accepting webauthn signatures there would make it impossible for an administrator to disable webauthn signatures. IMO it's better to explicitly enable it by default. This means adding a corresponding signature type for certificate keys that can be used when advertising support for them (e.g. in the host key algorithms KEXINIT field) -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
