On 2019-05-06 2:35 p.m., Neil Madden wrote:
> I don’t know the relative merits of Link headers vs .well-known, but
> there is at least one other draft standard I know of that is going
> down the .well-known route for this kind of thing (password changes in
> this case):
>
> https://github.com/WICG/
I have published a -01 version with example computations for both ECDH-1PU over
P-256 and also a two-way interactive handshake using it with X448 keys. I also
fleshed out the security considerations and added a “skid” (Sender Key ID)
header parameter.
I think this is potentially very useful in
