[SPEC] Experimenting with a status code of 12

Stephane Bortzmeyer stephane at sources.org
Fri Feb 19 14:32:29 GMT 2021


On Thu, Feb 18, 2021 at 08:30:05PM -0700,
 Mansfield <mansfield at ondollo.com> wrote 
 a message of 291 lines which said:

> If a certificate is used to create an account, it becomes a form of
> username/password.

Not really. A certificate is basically a public key plus some metadata
(identity, signature, expiration date, etc). Certificates are
typically public (with TLS 1.2, they are even sent in clear). It is
the knowledge of the private key that allows client certificates to be
used as an authentication tool.



More information about the Gemini mailing list