Hacker News
by oever 1318 days ago
The private key is used in HTTP Signatures for authentication. The signature does not cover the body of the HTTP request and is not stored or published. The HTTP POST contains an HTTP header that signs just a few other header fields. The signature is only valid for a short time.

There is an example here: <https://blog.joinmastodon.org/2018/06/how-to-implement-a-bas...>
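As an added illustration of the scheme the comment describes (example code, not from the comment or from Mastodon): a Go sketch that signs and verifies an HTTP Signature covering only `(request-target)`, `Host` and `Date`, so the request body plays no part, and that enforces the short validity window by rejecting a `Date` outside an allowed skew. The key ID, path and 30-second window used in the test are assumed values, and the header-parsing shortcut relies on `signature=` being the last parameter, as this code writes it.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"net/http"
	"strings"
	"time"
)

// signingString rebuilds the exact bytes both sides sign over: only the request
// target, Host and Date (as in the linked Mastodon write-up); the body is not covered.
func signingString(method, path string, h http.Header) string {
	return "(request-target): " + strings.ToLower(method) + " " + path +
		"\nhost: " + h.Get("Host") + "\ndate: " + h.Get("Date")
}

// SignRequest adds a Signature header (RSA-SHA256, PKCS#1 v1.5) over those three fields.
func SignRequest(key *rsa.PrivateKey, keyID, method, path string, h http.Header) error {
	sum := sha256.Sum256([]byte(signingString(method, path, h)))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, sum[:])
	if err != nil {
		return err
	}
	h.Set("Signature", fmt.Sprintf(`keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date",signature="%s"`,
		keyID, base64.StdEncoding.EncodeToString(sig)))
	return nil
}

// VerifyRequest rejects a missing, malformed or stale Date (outside +/-maxSkew), then
// checks the signature against the signing string rebuilt from the received headers.
func VerifyRequest(pub *rsa.PublicKey, method, path string, h http.Header, now time.Time, maxSkew time.Duration) error {
	date, err := http.ParseTime(h.Get("Date")) // a parse error leaves date zero, so it fails the window too
	if skew := now.Sub(date); err != nil || skew > maxSkew || skew < -maxSkew {
		return fmt.Errorf("Date header missing, malformed or outside the %s window", maxSkew)
	}
	// SignRequest writes signature="..." as the last parameter, so the rest of the header is its value.
	_, sigB64, _ := strings.Cut(h.Get("Signature"), `signature="`)
	sig, err := base64.StdEncoding.DecodeString(strings.TrimSuffix(sigB64, `"`))
	if err != nil {
		return err
	}
	sum := sha256.Sum256([]byte(signingString(method, path, h)))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, sum[:], sig)
}
```

Because the body is outside the signing string, a verifier must get its body integrity elsewhere (the Mastodon write-up's `Digest` header is the usual answer); what this code does guarantee is that the target, host and timestamp the signer saw are the ones the receiver checks.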