Hi,

Can anyone enlighten me why client TLS certificates are used so rarely? It used to be a hassle in the past, but now at least the major browsers offer quite decent client cert support, and seeing how most people struggle with passwords, I don't see why client certs could not be beneficial even to "ordinary users".

With CAcert, there is even an excellent infrastructure in place that could allow people to generate signed pseudonymous client certificates. A service provider could limit the number of certificates allowed per user (as validated by CAcert), maybe even the number of points required etc. That way, one could provide services without the requirement of registration, and still effectively limit abuse?

Wondering
-strife

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography