| ▲ | mschuster91 4 days ago | ||||||||||||||||
the UI for client side certificates was shit for years. no one particularly cared. passkeys however are... pretty reasonable. | |||||||||||||||||
| ▲ | xorcist 4 days ago | parent | next [-] | ||||||||||||||||
That's just it. If any of the browser vendors put 1% of the work they spent on renewing their visual identity, remodeling their home page, or inventing yet another menu system into slightly easier to use client certificates (and smart cards) this would have been a solved problem two decades ago. All the pieces are in place, every browser has supported this since the birth of SSL, it's just the user interface bits that are missing. It's nothing short of amazing that nobody worked on this. It's not as if there isn't a need. Everyone with high security requirements (defense, banks etc.) already do this, but this clumsy plugins and (semi-)proprietary software. Instead we get the nth iteration of settings redesigns. | |||||||||||||||||
| |||||||||||||||||
| ▲ | goku12 4 days ago | parent | prev | next [-] | ||||||||||||||||
> the UI for client side certificates was shit for years. no one particularly cared. That's exactly what I mean! Who would use it if the UI/UX is terrible? Many Gemini (protocol) browsers like Lagrange have such pleasant UIs for it, though somewhat minimal. With sufficient push, you could have used mutual TLS from even hardware tokens. | |||||||||||||||||
| ▲ | 4 days ago | parent | prev | next [-] | ||||||||||||||||
| [deleted] | |||||||||||||||||
| ▲ | chuckadams 4 days ago | parent | prev [-] | ||||||||||||||||
At least on a Mac, you can just double-click a cert file, it'll prompt to install in Keychain, and anything using macOS's TLS implementation will see it. | |||||||||||||||||
| |||||||||||||||||