Kerberos doesn't work well on the web.

Citation needed. Other than throughput/reliability risks posed by the revocation check flow (which I know aren’t the reason people don’t use Kerberos on the web, since the big auth providers’ SPOFiness in this area is way worse, as proven by countless outages induced by so-and-so rickety auth component failing bringing down a major provider), Kerberos’ adoption issues on the web have more to do with network effect and monetization than technical limitations with the protocol.

	▲	gfody 9 hours ago \| parent [-]
		seriously "kerberos doesn't work well on the web" is like saying "cars don't work well on the road" browsers could make it easier to approve domains for spnego (chrome already makes it automatic for enterprise accounts). the market just doesn't want real security, it wants to login with its facebook profile.