upstream: document the "no-touch-required" certificate extension;

author djm@openbsd.org <djm@openbsd.org>

Mon, 25 Nov 2019 00:57:51 +0000 (00:57 +0000)

committer Damien Miller <djm@mindrot.org>

Mon, 25 Nov 2019 01:25:53 +0000 (12:25 +1100)
author djm@openbsd.org <djm@openbsd.org>
Mon, 25 Nov 2019 00:57:51 +0000 (00:57 +0000)
committer Damien Miller <djm@mindrot.org>
Mon, 25 Nov 2019 01:25:53 +0000 (12:25 +1100)
diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys

index 48338e671cc5ec80e896bd9eeb2cf79d10d1cbc6..1fce87006f131a7dd8a917ccf9e0a526233f3745 100644 (file)
--- a/PROTOCOL.certkeys
+++ b/PROTOCOL.certkeys
@@ -280,6 +280,13 @@ their data fields are:
  
  Name                    Format        Description
  -----------------------------------------------------------------------------
+no-presence-required    empty         Flag indicating that signatures made
+                                      with this certificate need not assert
+                                      user presence. This option only make
+                                      sense for the U2F/FIDO security key
+                                      types that support this feature in
+                                      their signature formats.
+
  permit-X11-forwarding   empty         Flag indicating that X11 forwarding
                                        should be permitted. X11 forwarding will
                                        be refused if this option is absent.
@@ -304,4 +311,4 @@ permit-user-rc          empty         Flag indicating that execution of
                                        of this script will not be permitted if
                                        this option is not present.
  
-$OpenBSD: PROTOCOL.certkeys,v 1.16 2018/10/26 01:23:03 djm Exp $
+$OpenBSD: PROTOCOL.certkeys,v 1.17 2019/11/25 00:57:51 djm Exp $
author	djm@openbsd.org <djm@openbsd.org>
	Mon, 25 Nov 2019 00:57:51 +0000 (00:57 +0000)
committer	Damien Miller <djm@mindrot.org>
	Mon, 25 Nov 2019 01:25:53 +0000 (12:25 +1100)