Updated docs.

This commit is contained in:
Dain Nilsson
2016-10-19 15:40:54 +02:00
parent 127227fe4c
commit 20aa39ec21
10 changed files with 72 additions and 641 deletions
+4 -5
View File
@@ -1,13 +1,12 @@
Using Attestation
-----------------
== Using Attestation
== Introduction
=== Introduction
This feature is only available in YubiKey 4.3 and newer.
A high level description of the thinking and how this can be used can be found
at https://developers.yubico.com/PIV/Introduction/PIV_attestation.html
== Usage
=== Usage
Attestation works through a special key slot called “f9” this comes
pre-loaded from factory with a key and cert signed by Yubico, but can be
overwritten.
@@ -20,7 +19,7 @@ special key, this can be realised by using the yubico-piv-tool action attest:
The output of this is a PEM encoded certificate, signed by the key in slot f9.
== Verifying
=== Verifying
To verify an attestation step 1 is to build the certificate chain. Put the
attestation root certificate in a file (or if you trust several put all
of them in said file). The Yubico root certificate can be found at