[jira] [Work logged] (SSHD-1168) OpenSSH certificates: check certificate type

Thu, 27 May 2021 10:49:11 -0700 


     [ 
https://issues.apache.org/jira/browse/SSHD-1168?focusedWorklogId=603192&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-603192
 ]

ASF GitHub Bot logged work on SSHD-1168:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 27/May/21 17:48
            Start Date: 27/May/21 17:48
    Worklog Time Spent: 10m 
      Work Description: alex-sherwin edited a comment on pull request #197:
URL: https://github.com/apache/mina-sshd/pull/197#issuecomment-849821398


   I have a pending PR I was going to open tonight that touches some of this 
too, and in mine I changed the `OpenSshCertificate` valid before/after 
variables to `Instant` as it feels like a better developer experience to 
interact with (in my opinion).
   
   I also found that there is some additional invalid encoding in the 
OpenSshCertificate code from the original certkeys PR that has gone unnoticed 
with the Critical Options/Extensions data.
   
   My upcoming PR was to include code which can easily generate signed 
OpenSshCertificates, but ended up making the aforementioned fixes/changes as 
well (preview: https://github.com/alex-sherwin/mina-sshd2/pull/1)
   
   @tomaswolf Would you prefer if I un-do my change of using `Instant` before 
submitting the final PR?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 603192)
    Time Spent: 40m  (was: 0.5h)

> OpenSSH certificates: check certificate type
> --------------------------------------------
>
>                 Key: SSHD-1168
>                 URL: https://issues.apache.org/jira/browse/SSHD-1168
>             Project: MINA SSHD
>          Issue Type: Improvement
>    Affects Versions: 2.7.1
>            Reporter: Thomas Wolf
>            Assignee: Thomas Wolf
>            Priority: Major
>             Fix For: 2.7.1
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> UserAuthPublicKey (client and server side) with an OpenSsshCertificate need 
> to check that the certificate is a user certificate.
> For host keys, similar checks are needed client and server side that the 
> certificate is a host certificate.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

Reply via email to