(www.agwa.name)

637 points h1x | 2 comments | 13 Nov 21 09:13 UTC | HN request time: 0s | source

Show context

dandanua ◴[13 Nov 21 10:29 UTC] No.29208838[source]▶

>>29208518 (OP) #

This is awesome and should be more widespread.

I always feel embarrassed when I see government systems that use digital signatures infrastructure. Usually, a government website has their own web application through which you input your private key and your password. Sure, usually those applications use standard libraries that do computations locally. But how do I know this? If such a website is hacked – my private key will be exposed.

replies(2): >>29208941 #>>29209028 #

1. Hendrikto ◴[13 Nov 21 11:17 UTC] No.29209028[source]▶

>>29208838 #

That‘s why you generate a new key pair for every service.

replies(1): >>29209089 #

2. dandanua ◴[13 Nov 21 11:32 UTC] No.29209089[source]▶

>>29209028 (TP) #

I'm talking about keys that have certificates issued by authorized centers. Those keys have legal power. Also obtaining a certificate costs a fee.

↑

Sign arbitrary data with your SSH keys