A partial archive of discourse.wicg.io as of Saturday February 24, 2024.

Public key authentication in browsers


RFC 5705 describes a mechanism for accessing a shared, TLS-session-specific, mutually-derived hash that can be used in application-layer protocols.

It occurs to me that this could serve the same role as the session identifier in SSH public key authentication. Thus, a web client could authenticate to a server without sending a password via a similar workflow to what SSH public key authentication uses. I’m envisioning an Authorization header that contains the public key as well as a signature of the RFC 5705 key export material.

This seems to be workable on the HTTP level, which already would be a boon for APIs. Could it potentially work in the browser?

I’m thinking something like:

  • User creates the account.
  • Client-side JS runs some command to generate a public/private key pair. That JS will prompt the user before continuing; if the user accepts, the browser will store the private key locally and expose just the public key to the JS code. The JS can send it to the server however it will.
  • On reauthentication, the user will choose which key to use to authenticate. The form submission will contain the needed Authorization header.