Agreed if you configure your HTTPS server to accept certificates from any issuer... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

nicolas314 on July 11, 2013 | parent | context | favorite | on: Why is nobody using SSL client certificates?

Agreed if you configure your HTTPS server to accept certificates from any issuer. But if you restrict it to a smaller list of CAs, users are only prompted to choose among their certificates matching those CAs.

tokenizerrr on July 11, 2013 [–]

It's possible to self sign client certificates, right? If so, you could just limit the list to your own.

Consider applying for YC's Summer 2025 batch! Applications are open till May 13
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact