From: djm@openbsd.org <djm@openbsd.org>
Date: Wed, 11 Dec 2019 22:19:47 +0000 (+0000)
Subject: upstream: add a note about the 'extensions' field in the signed
X-Git-Tag: V_8_2_P1~206
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c33d46868c3d88e04a92610cdb429094aeeb5847;p=thirdparty%2Fopenssh-portable.git

upstream: add a note about the 'extensions' field in the signed

object

OpenBSD-Commit-ID: 67c01e0565b258e0818c1ccfe1f1aeaf9a0d4c7b
---

diff --git a/PROTOCOL.u2f b/PROTOCOL.u2f
index 32bfa20f3..066d09951 100644
--- a/PROTOCOL.u2f
+++ b/PROTOCOL.u2f
@@ -170,6 +170,10 @@ is signed over a blob that consists of:
 	byte[]		extensions
 	byte[32]	SHA256(message)
 
+No extensons are yet defined for SSH use. If any are defined in the future,
+it will be possible to infer their presence from the contents of the "flags"
+value.
+
 The signature returned from U2F hardware takes the following format:
 
 	byte		flags (including "user present")