undefined | Better HN

0 pointsmartinml12y ago0 comments

If you can use a password to generate/link a new certificate, wouldn't that mean the weakest link is again the password? Sorry if I am misunderstanding, it's a very interesting topic but I'm not sure I get it :)

0 comments

1 comments · 1 top-level

mars12y ago

it depends on how it gets implemented. if you decide that classic user/pw auth should co-exist it is of course still the "weakest link". sharing certificates across devices is also possible. os-x mavericks supports this natively with the new icloud keychain. although that might not be what you want, security-wise.

j / k navigate · click thread line to collapse