* Richard Troy ([EMAIL PROTECTED]) wrote: > Would signed certificates be preferred? Well, sure, they're nice. I don't > object, and in fact welcome some improvements here. For example, I'd love > the choice of taking an individual user's certificate and authenticating > completely based upon that. However, while this _seems_ to simplify > things, it really just trades off with the added cost of managing those > certs - username/password is slam-dunk simple and has the advantage that > users can share one authentication.
Username/password is not acceptable in a number of situations. This is not intended to replace them. This would be in *addition* to supporting the current auth methods. I don't understand at all how you feel it'd be nice to have yet shouldn't be done. Thanks, Stephen
Description: Digital signature