Comment on [deleted]
majster@lemmy.zip 1 day ago
Client side TLS certs are basically the same stuff and it works nicely. Too bad they didn’t improve on that. My guess is that the big boys want to handle it at application layer.
Comment on [deleted]
majster@lemmy.zip 1 day ago
Client side TLS certs are basically the same stuff and it works nicely. Too bad they didn’t improve on that. My guess is that the big boys want to handle it at application layer.
Appoxo@lemmy.dbzer0.com 1 day ago
To me they seem
A More user friendly
B Abstract away the burden of keeping the mTLS synchronized across devices
C Can be used in hardware and software.
Feel free to correct me if my assumptions are wrong.
majster@lemmy.zip 1 day ago
Is your B point properly addressed by Passkeys? With all this talk about export I presume not. Client certs seem abandoned, you can’t use it on mobile.
Appoxo@lemmy.dbzer0.com 1 day ago
In theory yes.
Hardware tokens are bound to keys
Software baes tokens can be synced with password managers (3rd or 1st party)
And the client cert abandonment problem is an entirely other issue.