[conspire] SSH-PKI lol
Nick Moffitt
nick at zork.net
Fri Oct 1 02:23:27 PDT 2021
On 30Sep2021 11:54am (-0700), Rick Moen wrote:
> Quoting Nick Moffitt (nick at zork.net):
> > https://github.com/mjg59/ssh_pki
[...]
> As Garrett illustrates, well, ssh certificates are sort of there,
> vestigial, pointless, and dumb. Exploiting them by tying them into the
> global PKI using X.509 is, indeed, a gloriously stupid, crazy idea. Bravo.
>
> Maybe, version 2.0 can put some XML in there, some J2EE, and a "service
> layer".
Don't forget to call any code that actually does anything "business logic" to sound Important and Serious, and make sure you require some sort of ISO9000-ish certification to submit a patch!
More information about the conspire
mailing list