W3C home > Mailing lists > Public > public-webappsec@w3.org > March 2016

Re: Using client certificates for signing

From: Mitar <mmitar@gmail.com>
Date: Tue, 1 Mar 2016 12:33:42 -0800
Message-ID: <CAKLmikM5mzX4WcGS2=z2+T9va88JCMgn1RqKKwUtYoHX7-9x2w@mail.gmail.com>
To: Ángel González <angel@16bits.net>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
Hi!

On Mon, Feb 29, 2016 at 2:44 PM, Ángel González <angel@16bits.net> wrote:
> The user would need to add your domain to the list of websites allowed
> to use that certificate. The *.gov.$CC was an example for wildcard
> support.

OK, but that is then similar to the website prompting the user to use
the certificate? You would only want to make it more complicated for
the user to do so? So that they have to go to the preferences and do
it there? Or  could that list be updated by just approving the dialog
box the first time the site wants to use the certificate?

> No. There may be several certificates, each with its own set of
> permissions.

Yes, in the prompt user would choose which certificate to use with a
given site as well.

Firefox already has similar prompt when you access SSL site with
client-certificate.


Mitar

-- 
http://mitar.tnode.com/
https://twitter.com/mitar_m
Received on Tuesday, 1 March 2016 20:34:10 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:18 UTC