by bebop 2070 days ago
In my opinion, client certificates are great: you can let existing crypto infrastructure deal with the problem of "who is this user?".

The biggest problem is around revocation. You need to have some central revocation list and make sure that all of the users of your PKI are keeping that list up-to-date in production, which can be difficult if you do not plan for that from the start.