I thought a solution to this would be to use a physical smartcard to store the certificate (perhaps on your government ID). If the protocol is a challenge/response and the private key never leaves the card, it would make proxying without the physical card more difficult.
If the smart cards required some human input to perform a signature, maybe this could work. Otherwise there is nothing stopping someone from selling use of their card via some proxy software.
Yeah, great idea, having to get out your government ID every time you want to use a website.