Y
Hacker News
new
|
ask
|
show
|
jobs
by
trebecks
2525 days ago
the user isn't signing anything. the server is signing something it sends to the user. when the user sends it back to the server, the server checks the sig to make sure the user didn't alter/forge it.