Re: Design Considerations for New Authentication Methods

* Richard Troy (rtroy@ScienceTools.com) wrote:
> Would signed certificates be preferred? Well, sure, they're nice. I don't
> object, and in fact welcome some improvements here. For example, I'd love
> the choice of taking an individual user's certificate and authenticating
> completely based upon that. However, while this _seems_ to simplify
> things, it really just trades off with the added cost of managing those
> certs - username/password is slam-dunk simple and has the advantage that
> users can share one authentication.

Username/password is not acceptable in a number of situations.  This is
not intended to replace them.  This would be in *addition* to supporting
the current auth methods.  I don't understand at all how you feel it'd be
nice to have yet shouldn't be done.
Thanks,
    Stephen