Update preview ca certs

Yubico · Mar 4, 2024 · 163e6b4 · 163e6b4
1 parent 84e8da9
commit 163e6b4
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 2 deletions.
diff --git a/content/PGP/Attestation.adoc b/content/PGP/Attestation.adoc
@@ -116,6 +116,9 @@ NOTE: Cardholder name, fingerprint, and generation date can be overwritten with
 
 The pre-loaded attestation certificate is signed by a link:opgp-attestation-ca.pem[Yubico OPGP CA].
 
+NOTE: If you have a YubiKey Preview device, the attestation certificate will
+instead be signed by our link:opgp-preview-ca-2023-cert.pem[Yubico OPGP Preview CA].
+
 === Protocol Specification
 
 OpenPGP Attestation is an extension to the link:https://gnupg.org/ftp/specs/[OpenPGP application on ISO Smart Card Operating Systems] specification.  The new tags and instructions are reserved from version 3.4 of the spec.  Their usage is defined here.

diff --git a/content/PIV/Introduction/PIV_attestation.adoc b/content/PIV/Introduction/PIV_attestation.adoc
@@ -37,7 +37,7 @@ Extensions in the generated certificate:
 The YubiKey comes with a pre-loaded attestation certificate signed by a link:piv-attestation-ca.pem[Yubico PIV CA]. This can be overwritten by loading a new key and certificate to slot f9. After the Yubico key is overwritten it can not be brought back. The attestation key and certificate will not be cleared out by a reset of the device.
 
 NOTE: If you have a YubiKey Preview device, the attestation certificate will
-instead be signed by our link:piv-attestation-preview-ca.pem[Yubico PIV Preview CA].
+instead be signed by our link:piv-preview-ca-2023-cert.pem[2023 Yubico PIV Preview CA] or link:piv-attestation-preview-ca.pem[Yubico PIV Preview CA (prior to 2023)].
 
 [NOTE]
 ====

diff --git a/content/U2F/Attestation_and_Metadata/index.adoc b/content/U2F/Attestation_and_Metadata/index.adoc
@@ -15,7 +15,7 @@ validated. In Yubico's case, all our attestation certificates are signed by
 link:/u2f/yubico-u2f-ca-certs.txt[our root CA]. The same attestation certificate is used for both U2F and WebAuthn.
 
 NOTE: If you have a YubiKey Preview device, the attestation certificate will
-instead be signed by our link:/u2f/fido-preview-ca-cert.pem[Yubico FIDO Preview CA].
+instead be signed by our link:/u2f/fido-preview-ca-cert-2023.pem[2023Yubico FIDO Preview CA] or link:/u2f/fido-preview-ca-cert.pem[Yubico FIDO Preview CA (prior to 2023)].
 
 === Yubico's metadata format