One of the projects I dream about doing if I suddenly find a lot of free time is trying to implement a web site login system using SSL client authentication. This way, you would access an https page, your browser presents a certificate to the site (in addition to the normal step of the site presenting a certificate to you), and if the site likes the certificate, it gives you the session cookie (or you could just stay in SSL mode for the whole session).
This has a lot of advantages: The SSL protocol is widely implemented and accepted (including client authentication, no problem here at least with Mozilla and IE, I think), it is password-less (hence more secure) and it could be easily used for single-sign-on across different web sites.
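The login flow described in the comment above, as an added example that is not part of the original post: the server side of a client-certificate login using Python's standard `ssl` module. It assumes the site runs its own CA and uses the certificate's commonName as the account name; `make_server_context`, `login`, `SESSIONS` and the sample certificate dictionary are hypothetical names and constructed data.

```python
import secrets
import ssl

SESSIONS = {}  # session token -> account (in-memory store, assumption for the example)


def make_server_context(ca_file=None, cert_file=None, key_file=None):
    """TLS server context that aborts the handshake unless the client
    presents a certificate signed by the CA in ca_file."""
    ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
    ctx.verify_mode = ssl.CERT_REQUIRED       # client certificate is mandatory
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)  # trust only the site's own CA
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)   # the server's own certificate
    return ctx


def subject_field(peercert, field):
    """Read one field from the dict returned by SSLSocket.getpeercert()."""
    for rdn in peercert.get("subject", ()):
        for key, value in rdn:
            if key == field:
                return value
    return None


def login(peercert, accounts):
    """Map a validated client certificate to an account and return a
    Set-Cookie value, or None when no account matches."""
    if not peercert:                 # empty or None: no validated certificate
        return None
    account = accounts.get(subject_field(peercert, "commonName"))
    if account is None:
        return None
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = account
    return f"session={token}; Secure; HttpOnly; SameSite=Strict"


# Constructed sample in the shape getpeercert() returns after a handshake.
SAMPLE_PEERCERT = {
    "subject": ((("commonName", "alice"),), (("emailAddress", "alice@example.org"),)),
    "issuer": ((("commonName", "Example Site CA"),),),
}
```

In a real handler, `peercert` comes from `conn.getpeercert()` on the socket accepted through `make_server_context(...).wrap_socket(sock, server_side=True)`.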