[Cryptography] New SSL/TLS certs to each live no longer than 47 days by 2029
Kent Borg
kentborg at borg.org
Wed Apr 23 10:19:58 EDT 2025
On 4/22/25 9:16 PM, Theodore Ts'o wrote:
> Browsers and other actors*have* been trying to solve this problem.
> And it's called FIDO2 Passwordless Authentication.
Doesn't it solve a somewhat different problem? That is, FIDO2
Passwordless Authentication is practical details around using public key
cryptography to do mutual authentication between a client and server
that already have an established relationship. Enrollment is a problem
outside its scope and it offers me no assurances when I try to go to
https://www.somenewbank.com.
-kb
More information about the cryptography
mailing list