On Sun, Jul 15, 2018 at 5:24 AM, Mike Hommey wrote: > That's because tracker.debian.org, for some reason, asks for a > client-side SSL certificate.
Some background: the Debian Single Signon system (currently) uses client-side certificates to identify users in order to store their subscription and other preferences. Lots of folks have complained about the browser UIs for this feature so it is likely that the current client-side certificate based SSO will be replaced by some other system. At the same time, other Debian services that use the current SSO have worked around the browser UI issues by only asking for the client-side certificate on a special login URL and setting a session cookie on successful login. https://wiki.debian.org/DebianSingleSignOn https://bugzilla.mozilla.org/show_bug.cgi?id=1401466 https://wiki.debian.org/SummerOfCode2018/Projects/NewDebianSSO -- bye, pabs https://wiki.debian.org/PaulWise
