Fixing SSL (was Re: Dutch Transport Card Broken)
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Feb 9 21:54:45 EST 2008
David Wagner <daw at cs.berkeley.edu> writes:
>Tim Dierks writes:
>>(there are totally different reasons that client certs aren't being
>>widely adopted, but that's beside the point).
>
>I'd be interested in hearing your take on why SSL client certs aren't widely
>adopted.
Because they're essentially unworkable. At the risk of spamming this
reference a bit too often here:
http://www.cs.auckland.ac.nz/~pgut001/pubs/usability.pdf
There's detailed discussion there of results of user studies, conference
papers, references, (hopefully) all the information you need.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list