Seriously, why the hell are we still using username/password when browsers have supported requesting client certificates for years now.
Literally just learned today that it's an API that's supported in all the major browsers already. Maybe because it's at the TLS/Server-side layer instead of inside client-side JS or the HTTP layer?
Only downside is now I need to add this functionality to Agregore. :P
@mauve if you implement it with a UI button to switch/disable the chosen client certificate, you'll have surpassed every other browser to date.
(I kinda wish FOAF+SSL had caught on, it was a clever notion.)
@tangent128 Yeah I think the only tradeoff is that I'm aiming to remove the need for servers at all and the other browswrs pretty much dropped suppport for the function. 😭
might be good to find an equivalent for key management though
