On 6/28/2023 6:59 AM, Quanah Gibson-Mount wrote:
> I guess it comes to an issue of trust.  I wouldn't trust Amazon, Facebook, or Google issued certificates, and I personally avoid making use of those types of integrations for username/password.

Indeed.  A certificate-based scheme would be more trustworthy, because the issuer isn't contacted on every login and so can't track where you've used the certificate.  You *would* have to trust that they only issue one certificate for any given DN, or at least that they ensure that they all go to the same authenticated user, or that they revoke ones that have been replaced.  But a data aggregator might still be able to connect dots that you might not want connected.

I would *not* trust that the DN represents any particular human, only that it's the same certificate that was used to set up the authentication.

But your level of trust and my level of trust are not immediately important.  What's important is that it's not silly to trust such an organization and its certificates.
-- 
Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris