[114852] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Fixing SSL (was Re: Dutch Transport Card Broken)

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Sat Feb 9 23:55:14 2008

From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com, daw@cs.berkeley.edu
In-Reply-To: <200802100104.m1A14S4a015492@taverner.cs.berkeley.edu>
Date: Sun, 10 Feb 2008 15:54:45 +1300

David Wagner <daw@cs.berkeley.edu> writes:
>Tim Dierks writes:
>>(there are totally different reasons that client certs aren't being
>>widely adopted, but that's beside the point).
>
>I'd be interested in hearing your take on why SSL client certs aren't widely
>adopted.

Because they're essentially unworkable.  At the risk of spamming this
reference a bit too often here:

http://www.cs.auckland.ac.nz/~pgut001/pubs/usability.pdf

There's detailed discussion there of results of user studies, conference
papers, references, (hopefully) all the information you need.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[114852] in cryptography@c2.net mail archive

Re: Fixing SSL (was Re: Dutch Transport Card Broken)

daemon@ATHENA.MIT.EDU (Peter Gutmann)Sat Feb 9 23:55:14 2008

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Sat Feb 9 23:55:14 2008