@_emboss_ I'm thinking I might like to add Curve25519 to krypt ;)
@_emboss_ I want the request to be a signed encrypted pubkey, and the response a secret value encrypted with that pubkey (and signed)
-
-
@bascule I just read your gist - you mentioned replay etc. - how would you defend against that? Or no need to? -
@_emboss_ no need to, replay would just get them an encrypted secret they couldn't decrypt -
@bascule I see. I'll try to wrap my head around it some more, I'll get back to you if I have further questions/comments ?
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.