On 25/09/14 13:43, Steve Roylance wrote: > You can encrypt communications if you have a public/private key pair
You can; although most often that's provided by the server in the model of computing most prevalent on the web today. > You can digitally sign (with the full support of digital signature laws) Yep, OK. > Through federation you can use your ID in multiple places Well, you can carry the widget around too :-) > I agree that it would be great for all members of the eco system to work > together to improve some of the issues you say are disadvantages, but I do > disagree with one of your items. A digital certificate has an end date. A > secure key has a battery with no specific end date so one definitely has no > warning capability. Well, often there's a "battery low" message or light. Whereas I think it's most people's experience that certificate-use UIs don't pop up helpful messages like "Hey, this cert you are using expires in a week. have you thought about getting a new one?" And yes, I take your point about improving the UX... but that was where my thoughts started. Perhaps the reason that the client cert UX is unloved is that they don't meet common use cases? Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy