|
|
|
|
|
|
by BoppreH
1485 days ago
|
|
|
A lot simpler than a certificate authority, actually. There's no need for hierarchy, x509, or anything of the sort. Take SQRL[1] for example. It's a login system where you scan a QR code with your phone, then your phone derives a private key based on the domain and a master key, and use that to sign a challenge. Every other device (including offline backups) will generate the same private key, and hence give access to the same account. [1] https://www.grc.com/sqrl/sqrl.htm |
|
|