Hacker News new | past | comments | ask | show | jobs | submit login

The server requests the client prove it holds the private key in a way that is bound to the session id, which is derived from the shared secret established with ephemeral key exchange.

https://security.stackexchange.com/questions/67242/does-publ...




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: