[cryptography] Client certificate crypto with a twist

Jonas Wielicki development at sotecware.net
Wed Oct 10 10:39:30 EDT 2012


On 10.10.2012 16:29, Jon Callas wrote:
> Why not store a representation of a *key* (a hash is a representation of a key) and then prove possession of the key? It doesn't need to be certified. I can store that key on as many computers as needed via a keychain or something like it.

Lemme throw in this:

<http://dev.w3.org/html5/spec/the-keygen-element.html#the-keygen-element>

> The keygen element represents a key pair generator control. When the
> control's form is submitted, the private key is stored in the local
> keystore, and the public key is packaged and sent to the server.

-- Jonas



More information about the cryptography mailing list