[jira] [Work logged] (SSHD-1161) Support OpenSSH client certificates for publickey authentication

Sun, 16 May 2021 02:27:05 -0700 


     [ 
https://issues.apache.org/jira/browse/SSHD-1161?focusedWorklogId=597359&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-597359
 ]

ASF GitHub Bot logged work on SSHD-1161:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 16/May/21 09:26
            Start Date: 16/May/21 09:26
    Worklog Time Spent: 10m 
      Work Description: FliegenKLATSCH commented on pull request #194:
URL: https://github.com/apache/mina-sshd/pull/194#issuecomment-841791524


   Nice work, two comments from my side:
   - If we have the `SIGNATURE_ALGORITHM_MAP` now, we should remove the 
[mapping](https://github.com/apache/mina-sshd/pull/164/commits/374748385a117d0a2e0ca4710d30fe60c2b4d976)
 I introduced in the RSA classes, it's just duplicated..
   - We should still somewhere validate the type of the certificate such that a 
host certificate cannot be used for user authentication and vice versa.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

            Worklog Id:     (was: 597359)
    Remaining Estimate: 20h 20m  (was: 20.5h)
            Time Spent: 3h 40m  (was: 3.5h)

> Support OpenSSH client certificates for publickey authentication
> ----------------------------------------------------------------
>
>                 Key: SSHD-1161
>                 URL: https://issues.apache.org/jira/browse/SSHD-1161
>             Project: MINA SSHD
>          Issue Type: New Feature
>            Reporter: Alex Sherwin
>            Priority: Major
>   Original Estimate: 24h
>          Time Spent: 3h 40m
>  Remaining Estimate: 20h 20m
>
> Support OpenSSH client certificates for publickey authentication
> This extends the existing publickey authentication protocol described in RFC 
> 4252 Section 7: https://datatracker.ietf.org/doc/html/rfc4252#section-7
> The extensions are described in 
> [https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD]
> Currently the MINA code base supports host key certificates (where the client 
> can optionally validate a host certificate), but client certificates are not 
> supported (where the client can use a certificate for authentication to the 
> server)
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to