Re: Simple Page-Owner Token (SPOT) Authentication

On 11/19/14 2:45 PM, Anders Rundgren wrote:
> On 2014-11-19 19:48, Kingsley Idehen wrote:
>> On 11/19/14 9:42 AM, Anders Rundgren wrote:
>>> On 2014-11-19 14:33, Mo McRoberts wrote:
>>>> We use TLS CCA within the BBC for access to production services and 
>>>> tools. Thousands upon thousands of people use them regularly. I'm 
>>>> an issuer for third parties who've signed NDAs to get certs, so I 
>>>> also have to deal with them when they get unstuck. I can tell you 
>>>> absolutely categorically that the CCA user experience *is* 
>>>> universally terrible, especially around cert/key management. I know 
>>>> this not because I'm jumping to conclusions on behalf of end-users, 
>>>> but because I have to support the end-users who are using CCA.
>>>
>>> Exactly, the certificate/key management mechanism featured in for 
>>> example Firefox was designed 1995.
>>> Micosoft's [even more useless] CertEnroll came with Windows 98.
>>>
>>> It was OK back then but not today.
>>>
>>> Anders
>>
>> Have you tried Safari and Chrome?
>>
>> Microsoft's implementation isn't useless. What version of IE and 
>> Windows are you referring to?
>
> Kingsley,
>
> Why do you think we after TWENTY YEARS with credit-card payments
> on the web still have the worst possible security and UX?
>
> Anders

Don't tell me you believe that is a Microsoft problem.

This issue is more to do with the consequence of many smaller issues 
(and moving parts) associated with technology, application development, 
and user knowledge.

-- 
Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog 1: http://kidehen.blogspot.com
Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this