[Cryptography] client certificates ... as opposed to password hashing

[John Denker]

There have been a number of good comments in this thread.
I won't go into details about the stuff we agree on.

OTOH, there are a couple of points that might beneifit
from correction or clarification:

The client certificate does not need to be signed ...  not
signed before use, anyway.  By way of analogy, note that 
in the present e-commerce scheme, my password is not signed!
So an unsigned certificate can do everything a password can
do, and more.

Doing without the third-party signature greatly simplifies
the process of creating the certificate.  This improves the
user experience.

Note that Joe User can easily have a separate certificate-
pair for each merchant.  The certificate manager can handle
this with ease.  (I already use a different email and different
password for each merchant, and have done for many years.)

=========

As a related point, dealing with certificates does create
a burden on the user ... but dealing with passwords (with
any semblance of security) also creates a burden.  Also,
having your account information compromised every few
months (Target, eBay, ...) also creates a burden!

On 05/27/2014 01:53 AM, Guido Witmond wrote:

> I'm looking for sponsors to make the browser plugin and the server 
> side certificate handling into easy to use packages.

I reckon Citibank should sponsor something like this.  The
US e-commerce sector is on the order of 350 gigabucks per
year.  Insecurity is already making people less willing to
shop online.  You could make a pretty strong business case
that improving security and usability are worth the cost.