[OpenID] [oauth] Re: [diso-project] Re: OpenID Accessibility
Martin Atkins
mart at degeneration.co.uk
Tue Nov 4 22:14:25 UTC 2008
Eddy Nigg (StartCom Ltd.) wrote:
> On 11/05/2008 12:01 AM, Ben Laurie:
>>> Do you mean the "authentication"? Like you memorize your passwords and move
>>> it around to different platforms? Is this what you are saying or is it
>>> something else?
>>>
>>
>> That's what I'm saying.
>>
> Nothing more easy than that. Either install the certificate directly
> into a smart card or USB smart card capable token (eToken) or the
> cheaper solution is to export the certificate from your original
> browser, transfer to your other computer (via disk-on-key perhaps) and
> install into the browser there.
>
I use client certs to authenticated with MyOpenID. I solve this problem
by having a separate cert to each device. That way I can revoke a cert
if one of my devices gets "compromised", as I did for my work PC when I
left my previous employer, and as I would do if I lost my laptop.
Of course, I issue these certs in the first place by going to MyOpenID
and logging in with a password. I'm sure there's a way to use one
already-certed client to obtain a cert for another, but I don't know how
to do with my browser's UI, which seems to be all about automatically
installing certs into itself.
(The browser on my cellphone doesn't support SSL client certs, sadly.)
More information about the general
mailing list