On Tue, Apr 27, 2010 at 5:26 PM, Lloyd Kvam <lk...@venix.com> wrote: > Has anyone here tried to use certificates or public-keys to control > access?
Yes. A few of our customers at $WORK do this. (Of course, they usually email us the private key without any transport protection, but hey, you didn't ask about key security.) Certainly the browsers support it. Even crufty old MSIE 6. > Do you think it is hopeless trying to educate users to import a > certificate and protect it with a pass phrase? Depends on the user community. You need clue at the user end. That can mean the users have clue themselves, or the users can be counted upon to have clue nearby (e.g., IT department), or you can afford to fund a large call center to inject clue over the telephone. The users also have to be well-motivated to put up with it. So, for example, a Large Mammoth Company can dictate the use of certificates. They can fund the call center, and nobody's going to tell them to pound sand, because they are a huge player in the industry. If you're trying to be the next Facebook or Wikipedia, forget it. -- Ben _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/