

Show HN: Web API Authentication with SSH Public Keys - hodgesmr
https://github.com/teddziuba/pqauth

======
heme
We need to implement something along these lines to secure our API. This is
interesting, but I need help understanding why the server can't just provide a
random session_key after successful authentication? As long as that
session_key is valid on the API then do I care about GUIDs and Public Keys?
What is the "Needham-Schroeder-Lowe Public-Key Protocol" portion of this
providing?

------
rpedela
This is great.

