Explore >> Select a destination
|
You are here 
|
dkg.fifthhorseman.net | ||
| | | | |
blog.oddbit.com
|
|
| | | | | In today's post, we look at KeyOxide, a service that allows you to cryptographically assert ownership of online resources using your GPG key. Some aspects of the service are less than obvious; in response to some questions I saw on Mastodon I though I would put together a short guide to making use of the service. We're going to look at the following high-level tasks: Create a GPG key Publish the GPG key | |
| | | | |
daniel-lange.com
|
|
| | | | | ||
| | | | |
lwn.net
|
|
| | | | | ||
| | | | |
myers.io
|
|
| | | Every so often I see posts on Stack Exchange, or Hacker News where someone has figured out that their passwords are being sent to the server and the server can see them! The logic that we see is that if the password is hashed client side, then only the hash needs to be sent to the server, so the server never knows the password. Unfortunately, I sometimes even see this go one step further when people suggest that with this arrangement, HTTPS isnt required. Wrong. | ||
