, 8 tweets, 2 min read
For the #web #developers out there. Imagine this. The first packet a client sends to a service is encrypted already with an AEAD algo. With this single packet the user is able to establish a real time bidirectional socket to the server.
During the handshake process the server automatically logs the user in using their identity certificate which holds their public key. The certificate is signed and verifiably authentic.
A username and password was never sent. Next to no login middleware is required to do your typical user authentication procedure. Avoiding potentially a good amount of typical security protocols.
Avoid spending a pretty penny on hardware designed to store hashed psws. Avoid hashing algorithm logic and instead rely on raw cryptography embedded in the protocol.
Imagine not having a client app send cookies that you use to constantly re-authenticate each time the user makes a request to the app. Instead you have a persistent authenticated socket connection with requests over time.
Checking if a user is logged in can be as easy as a Boolean. This is exceptionally useful for systems designed so that login isn’t automatic (when resources count) and you would rather save the small login logic after a user clicks a button.
The same goes for signup. Imagine if your service could instantly identify and signup users. Yet the true identity of the user still sits behind strong cryptography.
Imagine if you could also bill users using the same info found in that first encrypted packet. A lot of power in just a single UDP packet.
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Thomas DeMarchi

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!