Ignacio Vazquez-Abrams wrote: > For your consideration. > > -------- Forwarded Message -------- >> From: Edward J. Huff <ed@xxxxxxxxxxxxxx> >> To: webmaster@xxxxxxxxxxxxxxxxx >> Subject: client-side cert should work for Firefox too >> Date: Sun, 14 Dec 2008 12:39:01 -0500 >> >> Since you generate client-side certificates, why don't you generate them >> for use in place of passwords when logging into the website? >> Then you wouldn't have to insist on changing passwords. > > Hello, We've been looking at using client-side certificates for logging into Fedora Web Services for a while. One of our apps, koji.fedoraproject.org, only does authentication via SSL client certificates. Unfortunately, we've discovered that there's some tricky problems with CSRF and SSL Authentication that we'll need to solve before we're ready to enable this as the preferred method of authenticating for everything. You can see the current CSRF portion of the SSL plan here: https://fedorahosted.org/fas/wiki/CSRF -Toshio
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
