[SSL Observatory] offtopic: sites with client certificate authentication

Erwann Abalea eabalea at gmail.com
Mon Aug 15 18:08:36 PDT 2011


I think Verisign offered the same service, for OpenID authentication, but I
don't remember the URL (maybe labs.verisign.com?).

Starting in 2001, up to 2008, in France, we had to authenticate using a
certificate in order to electronically declare our income tax (it was also
digitally signed by this certificate). It has changed to login/password
since.

Le 16 août 2011 01:55, "Crypto Stick" <cryptostick at privacyfoundation.de> a
écrit :
> When it comes to secure logins, client certificate authentication is a
> nice feature of SSL/TLS to get rid of usernames and passwords. For
> instance certifi.ca is an useful OpenID provider allowing such login. It
> can be used in conjunction with the USB Crypto Stick [1] (or other smart
> cards) allowing secure login from any computer.

-- 
Erwann.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/observatory/attachments/20110816/f9e7657b/attachment.html>


More information about the Observatory mailing list