* Richard Troy ([EMAIL PROTECTED]) wrote:
> Would signed certificates be preferred? Well, sure, they're nice. I don't
> object, and in fact welcome some improvements here. For example, I'd love
> the choice of taking an individual user's certificate and authenticating
> completely based upon that. However, while this _seems_ to simplify
> things, it really just trades off with the added cost of managing those
> certs - username/password is slam-dunk simple and has the advantage that
> users can share one authentication.

Username/password is not acceptable in a number of situations.  This is
not intended to replace them.  This would be in *addition* to supporting
the current auth methods.  I don't understand at all how you feel it'd be
nice to have yet shouldn't be done.



Attachment: signature.asc
Description: Digital signature

Reply via email to