add a helper function
d0_blind_id_authenticate_with_private_id_generate_missing_signature to generate
NON-blind signatures:
Server shall:
- load private key
Both shall:
- perform authentication as usual
Server shall:
- notice that the status is false
- call d0_blind_id_authenticate_with_private_id_generate_missing_signature
- write public ID
- send that data to client
Client shall:
- read own private ID
- get fingerprint
- read received public ID (leaves the private part alone)
- verify fingerprint
- possibly verify ID
- write own private ID again