In article <20200127101751.ga2...@rafa.eu.org>, Jaroslaw Rafa via mailop <r...@rafa.eu.org> wrote: >If we are at this topic, I wonder since long time why none, literally none >publicly available Internet service where users' private data is stored and >needs to be protected, has implemented certificate-based login.
Because it's unusable unless you're a total nerd. I have provisioned my browser to use client certs and it wasn't pretty. In practice TOTP is as good as client certs. Both show that the client has the key in a way that doesn't send the key over the wire. R's, John -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop