I remember in grad school one of my professors saying “Networking and data storage are dual. One is about communicating data through space; the other is about communicating data through time” and 🤯. This was in the context of information theory and cryptography. I often go back to that idea.
@abucci@anthony.buc.ci Why do you want to set up your own CA? 🤔
@abucci@anthony.buc.ci Hmmm, does the website or web app have to explicitly support certificate-based auth? 🤔
@abucci@anthony.buc.ci In a personal case, in 2022 I explored client certificates (I can’t recall who suggested that, was it you?).
I think it’s amazing for corporates and perhaps power users. Anyway, I think it’s too obscure for a normal employee who doesn’t understand what’s going on.
For something closer to the current Web experience I think WebAuthn/Passkeys will be slightly simpler to use and to implement, due to the support of the main OSes and integrated security hardware in PCs and phones. Or you can use a USB device, which is closer to a “car key”, the physical aspect being easier to understand than an abstract encryption technology, IMO.
But as they say, why not both?