Add cryptography-related resources to authentication page.

Includes links to Web Crypto API info
parent d662a029
......@@ -31,10 +31,24 @@ As such, the current plans for authentication are:
3. It uses the decrypted private key to authenticate using public key authentication (see below).
## Future thoughts:
* Use a Service Worker to handle cryptographic functions in the browser to keep the private key safe from a server that turns malicious at some point. (Keep an eye on [browser compatibility]( – once all evergreen browsers support this, let’s take a look.)
## General resources
* [Storing Cryptographic Keys in Persistent Browser Storage](
* [Web Crypto API](
* [Web Crypto examples](
## Public Key Authentication
### Resources
* For a general guide on application of cryptography for deelopers, see the book [Serious Cryptography: A Practical Introduction to Modern Encryption](
* [feathers-authentication-publickey]( “Public Key authentication strategy for feathers-authentication using Passport” ([Example.](
* [passport-publickey]( “Passport strategy for authenticating using a public/private key pair to sign a nonce challenge.”
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment