I know OpenSSL, but I wouldnât say that a secure solution with client-side certificates is âeasyâ (and without client certificates, every browser script that is allowed to connect to local sockets would still be able to do malicious things).
(If it is enough to click OK [no password required] to install a rootkit, it doesnât matter if GfxTablet is present anway.)
So, thanks for your suggestion đ But GfxTablet is a prototype/proof of concept and not intended to be a secure server that supports authentication. If youâre interested in implementing this, please fork and submit a patch request.