[Fwd: client-side cert should work for Firefox too]
Toshio Kuratomi
a.badger at gmail.com
Mon Dec 15 16:40:42 UTC 2008
Ignacio Vazquez-Abrams wrote:
> For your consideration.
>
> -------- Forwarded Message --------
>> From: Edward J. Huff <ed at huff20may77.us>
>> To: webmaster at fedoraproject.org
>> Subject: client-side cert should work for Firefox too
>> Date: Sun, 14 Dec 2008 12:39:01 -0500
>>
>> Since you generate client-side certificates, why don't you generate them
>> for use in place of passwords when logging into the website?
>> Then you wouldn't have to insist on changing passwords.
>
>
Hello,
We've been looking at using client-side certificates for logging into
Fedora Web Services for a while. One of our apps,
koji.fedoraproject.org, only does authentication via SSL client
certificates. Unfortunately, we've discovered that there's some tricky
problems with CSRF and SSL Authentication that we'll need to solve
before we're ready to enable this as the preferred method of
authenticating for everything.
You can see the current CSRF portion of the SSL plan here:
https://fedorahosted.org/fas/wiki/CSRF
-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-infrastructure-list/attachments/20081215/a1c953a6/attachment.sig>
More information about the Fedora-infrastructure-list
mailing list