• by jwally on 4/4/2024, 1:57:31 PM

    Using the TPM for this feels _way_ over-engineered for what its trying to accomplish. Also, just tinkering with webauthn; it feels slow on the client side - which is fine if you're authenticating, but murder if you're signing something with it every time you send a cookie. I'm overthinking this maybe?