Perceived issues with TLS Client Auth from Melvin Carvalho on 2012-09-26 (public-webid@w3.org from September 2012)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Wed, 26 Sep 2012 14:04:38 +0200
To: public-webid <public-webid@w3.org>
Message-ID: <CAKaEYhJVUUt3Bpwz7VmmzmAUweWaORVR_SmoYoyvwGxdw_gKuQ@mail.gmail.com>

Why not use TLS Client Auth? Because it has problems:

• User Experience
– Cert generation has UI
– Cert selection has UI
(happens before user can see content of web site)

• Privacy
– user identity is same across all web sites

• Portability
– moving certs is a hassle

• Problems in Datacenters
– make TLS terminators part of the TCB

http://tools.ietf.org/agenda/81/slides/tls-1.pdf.

As reported in previous thread with Ben Laurie.

Received on Wednesday, 26 September 2012 12:05:12 UTC