Tom Mueller (pkg-discuss) wrote: > Is there a write up explaining why client certs are being used for > authentication to authorities rather than say, username/password?
Why not use them ? What problem is it causing you ? They provide much better security than username password in a number of ways. They provided a better binding that you know you you are talking to and it happens in the SSL exchange rather than the application. Certificates can be revoked and managed in ways that is more useful for dealing with entitlement issues. This is a new system being developed from scratch so it is the perfect opportunity to not implement weak and hard to manage security mechanisms like username/password. -- Darren J Moffat _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
