|
|
|
|
|
|
by hparadiz
123 days ago
|
|
|
This is a solved problem in the authentication space. Short lived tokens backed by short lived keys. A token is generated that has a timestamp and is signed by a private key with payload. The public key is available through a public api. You throw out any token older than 30 seconds. Unlimited IDs. That's basically what you want. |
|
|
Or would open the system up to the originally posted attack of providing ~an open relay.