**Mauve 👁💜** @mauve@mastodon.mauve.moe · May 10, 2023, 17:52

**Mauve 👁💜** @mauve@mastodon.mauve.moe · May 10, 2023, 17:52

Mauve 👁💜 @mauve@mastodon.mauve.moe

May 10, 2023, 17:52

Seriously, why the hell are we still using username/password when browsers have supported requesting client certificates for years now.

Literally just learned today that it's an API that's supported in all the major browsers already. Maybe because it's at the TLS/Server-side layer instead of inside client-side JS or the HTTP layer?

Only downside is now I need to add this functionality to Agregore. :P

**Dmitri | 🇺🇦** @dmitri@social.coop · May 11, 2023, 00:25

**Dmitri | 🇺🇦** @dmitri@social.coop · May 11, 2023, 00:25

May 11, 2023, 00:25

Dmitri | 🇺🇦 @dmitri@social.coop

@mauve Nooo, don't even bother with the horrid client certificate stuff. The browsers first created the most hateful UI for those things, and THEN killed it. It's dead, just let it be.

**Mauve 👁💜** @mauve@mastodon.mauve.moe · 2023-05-11T00:32:02Z

Mauve 👁💜 @mauve@mastodon.mauve.moe

@dmitri I'll mourn for the world that never was. 😭

May 11, 2023, 00:32 · · Tusky · · ·

**Dmitri | 🇺🇦** @dmitri@social.coop · May 11, 2023, 00:51

**Dmitri | 🇺🇦** @dmitri@social.coop · May 11, 2023, 00:51

May 11, 2023, 00:51

Dmitri | 🇺🇦 @dmitri@social.coop

@mauve Omg, seriously. Back in 2016, when browsers started pulling support for generating client certs, I basically spent a year creating a new cross-domain authn system for the Solid Project (it relied solely on client certs before that).

But I still think about the kind of awesome world we could have had, had the vendors supported client certs properly. Just boggles the mind.

Resources

Developers

What is Mastodon?

mastodon.mauve.moe

More…