|
|
|
|
|
|
by arjvik
165 days ago
|
|
|
I don’t understand why you want to enforce only using the public key instead of private key - while I believe you that as of now browsers do not disclose the public key anywhere, I’d also suspect that this is far more likely to be violated and accidentally disclosed by a bug than the private key, which theoretically cannot ever leave the TPM. Would KDF(deterministic_sign(“well-known message”)) not also provide valid entropy? Is it just impossible to force a nonce for a deterministic signature? |
|
|