W3C home > Mailing lists > Public > public-webid@w3.org > September 2012

Perceived issues with TLS Client Auth

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Wed, 26 Sep 2012 14:04:38 +0200
Message-ID: <CAKaEYhJVUUt3Bpwz7VmmzmAUweWaORVR_SmoYoyvwGxdw_gKuQ@mail.gmail.com>
To: public-webid <public-webid@w3.org>
Why not use TLS Client Auth? Because it has problems:

 User Experience
 Cert generation has UI
 Cert selection has UI
(happens before user can see content of web site)

 user identity is same across all web sites

 moving certs is a hassle

 Problems in Datacenters
 make TLS terminators part of the TCB


As reported in previous thread with Ben Laurie.
Received on Wednesday, 26 September 2012 12:05:12 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:35 UTC