On Tue, Nov 7, 2023 at 2:09 PM David Benjamin <david...@chromium.org> wrote:
> It's a mess. Client certificates are the bane of my existence. :-) > It is really confusing, even for someone that knows more than most about this stuff. The parts that overlap for me are hardware keys (like a Yubikey or Google Advanced Protection) and biometric stuff like FaceID. I do not have an opinion on this one, but it is really not clear to me what is supposed to be doing what. I wish someone would map it out, or at least document the trade-offs. This problem has even crossed over into pop-culture: <https://gimletmedia.com/shows/reply-all/v4he6k> (The Snapchat Thief) So, I think we are failing here (as a group in the IETF), but I really don't know what the solution is. thanks, Rob
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls