On Sun, Mar 3, 2013 at 11:22 PM, <str...@riseup.net> wrote: > Hi, > > Can anyone enlighten me why client TLS certificates are used so rarely? It > used to be a hassle in the past, but now at least the major browsers offer > quite decent client cert support, and seeing how most people struggle with > passwords, I don't see why client certs could not be beneficial even to > "ordinary users".
Not sure what your idea of "quite decent client cert support" is, however I don't think this is the case: 1) It's not easy for users to use client certs instead of passwords. Try to build a demo of a site that makes use of client certs for logging in. I think you'll find it an exercise in frustration 2) It's not easy to move client certs around from browser-to-browser, e.g. if you want to log into the same site from multiple browsers (the sync features of Chrome and Firefox could potentially make this easier) 3) There's no uniform API for managing client certs from JavaScript -- Tony Arcieri
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
