[cryptography] Client TLS Certificates - why not?
tony.arcieri at gmail.com
Mon Mar 4 18:22:16 EST 2013
On Sun, Mar 3, 2013 at 11:22 PM, <strife at riseup.net> wrote:
> Can anyone enlighten me why client TLS certificates are used so rarely? It
> used to be a hassle in the past, but now at least the major browsers offer
> quite decent client cert support, and seeing how most people struggle with
> passwords, I don't see why client certs could not be beneficial even to
> "ordinary users".
Not sure what your idea of "quite decent client cert support" is, however I
don't think this is the case:
1) It's not easy for users to use client certs instead of passwords. Try to
build a demo of a site that makes use of client certs for logging in. I
think you'll find it an exercise in frustration
2) It's not easy to move client certs around from browser-to-browser, e.g.
if you want to log into the same site from multiple browsers (the sync
features of Chrome and Firefox could potentially make this easier)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography