--On Wednesday, June 28, 2023 3:41 AM +0000 Jordan Brown <[email protected]> wrote:
On 6/27/2023 7:14 PM, Quanah Gibson-Mount wrote: Using a public CA for client certs seems very odd to me. Depends on your use case. Think of it as a form of federated login. Many sites will let you log in with your Google username and password (or Amazon or Facebook or ...); why not let you log in using your Google-issued certificate?
I guess it comes to an issue of trust. I wouldn't trust Amazon, Facebook, or Google issued certificates, and I personally avoid making use of those types of integrations for username/password.
--Quanah
