Dnia 27.01.2020 o godz. 18:04:54 John Levine via mailop pisze: > Because it's unusable unless you're a total nerd. I have provisioned my > browser > to use client certs and it wasn't pretty.
I have used certs on my company intranet. The setup didn't look that hard - after initial login with just password I had to go to a page where cert was generated. Click one button to generate the cert, and then click another to download generated cert. When the cert was downloaded, browser's dialog asking to install the cert popped up automatically (I was using Firefox, maybe it's a bit more complicated in other browsers - I don't know). Just accepting defaults was OK and the cert was installed & usable. I didn't see why this should be significantly harder than setting up a new password :) If they were able to do it that way, then probably any other Internet service would be able to do it similarly eg. during registration. Of course, during that first cert creation you are authenticated by password only, but it's basically the same situation as when you create account on Google and provide eg. phone number for 2FA. BTW. Your mail server is rejecting e-mails from my IP :( -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop