Hacker News
by lvc_ 1057 days ago
It doesn't necessarily need to be public in the global sense, but it is public in the sense of "you can't rely on keeping it secret as a security boundary". Since it's used to validate the signature, it will usually need to be (at least) as public as the signed thing.