by wsfull 3708 days ago
Idea: Maybe it's the "sh" in ssh that makes it so useful. Environment variables instead of "HTTP headers". envdir

Opinion: In terms of "authentication" I still think ssh has the edge over anything associated with http/https and www. Two parties should be able to authenticate to each other without involving a third.

2 comments

Actually https authentication does work like ssh (at least in Mozilla Firefox), just with the extra CA-signature option. You are warned that the certificate is not signed by a CA nor has it been whitelisted yet. So, you can whitelist it and then all future connections can be authenticated just fine.
Clarification: By "authentication" I mean keys that the users generate using ssh-keygen. I do not mean certificates or "certificate authorities" (CAs).
TLS supports mutual authentication via X.509 certificates, and they can be self-signed on both ends with some "accept" dialogs, similar to SSH's "do you trust this host's key?" prompts.
Is generating ed25519 keys slower or faster than generating self-signed certs?

Nothing wrong with OpenSSH supporting the option to use certs. They can be useful to some users.

But the entire X.509 scheme to my knowledge was based around some idea of third party verification.

This gave rise to the business of selling CA "services". Problematic to say the least.

And still to this day, "self-signing" appears to be disfavored. Or perhaps the openssl binary is just too loaded with options for users to learn the commands to generate CA and server certs and keys.

Whether it truly is or not, ostensibly "SSL/TLS certificates" to the public seem to require third party involvement.

ed25519 keys do not have this problem. And generating them is relatively fast.
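The trust-on-first-use flow described earlier in the thread (whitelist a self-signed certificate or an SSH host key once, then check every later connection against the pinned fingerprint) as a small Python model. This is an added example, not code from the thread or from OpenSSH; the key byte strings and host names are constructed, and the in-memory store stands in for ~/.ssh/known_hosts or a browser's certificate-exception list. The same logic applies to any public-key or certificate blob, which is why it works for both the ssh-keygen and the self-signed TLS case.

```python
import base64
import hashlib

# Constructed sample "public key" blobs. In OpenSSH the fingerprint is the SHA-256
# of the raw key blob (the base64-decoded field of a known_hosts line), shown as
# "SHA256:" followed by unpadded base64. These bytes are made up for the demo.
SERVER_KEY_V1 = b"ssh-ed25519 example-public-key-bytes-v1"
SERVER_KEY_V2 = b"ssh-ed25519 example-public-key-bytes-v2"  # a different key


def fingerprint(key_blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint of a key (or certificate) blob."""
    digest = hashlib.sha256(key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


class TrustStore:
    """Trust-on-first-use store: one pinned fingerprint per host name.

    Models the "do you trust this host's key?" prompt and the whitelist that
    follows it. No third party is consulted; trust is established directly
    between the two parties on first contact and verified on every later one.
    """

    def __init__(self):
        self._pinned = {}  # host -> fingerprint string

    def verify(self, host: str, key_blob: bytes, accept_new) -> str:
        """Return one of "pinned", "rejected", "ok", "mismatch".

        accept_new(host, fingerprint) is the user prompt; it is only asked on
        first contact. A changed key is never passed to the prompt, because a
        silent "accept anyway" on mismatch is exactly what a MITM would need.
        """
        fp = fingerprint(key_blob)
        known = self._pinned.get(host)
        if known is None:
            # First contact: the user decides, and the answer is recorded.
            if accept_new(host, fp):
                self._pinned[host] = fp
                return "pinned"
            return "rejected"
        if known == fp:
            return "ok"          # same key as before: authenticated
        return "mismatch"        # key changed: refuse and investigate


def demo():
    """Run the four cases a practitioner cares about and return the outcomes."""
    store = TrustStore()
    always_yes = lambda host, fp: True
    always_no = lambda host, fp: False
    return [
        store.verify("example.test", SERVER_KEY_V1, always_yes),  # first contact, accepted
        store.verify("example.test", SERVER_KEY_V1, always_yes),  # later contact, same key
        store.verify("example.test", SERVER_KEY_V2, always_yes),  # key changed: not accepted
        store.verify("other.test", SERVER_KEY_V2, always_no),     # new host, user declines
    ]


if __name__ == "__main__":
    print(demo())
```

The "mismatch" result is the one worth alerting on: with a TOFU scheme there is no CA to revoke or re-issue anything, so a changed fingerprint for a known host is either a planned key rotation or an interposed party, and the store must refuse until a human has checked which.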