ssh-agent implemented an all-or-nothing allow-list of FIDO application

IDs for security key-backed keys, to prevent web key handles from
being used remotely as this would likely lead to unpleasant surprises.
By default, only application IDs that start with "ssh:*" are allowed.

This adds a -Owebsafe-allow=... argument that can override the default
list with a more or less restrictive one. The default remains unchanged.

ok markus@

0 files changed, 0 insertions, 0 deletions