BloggEd

Don’t you just hate it when you have gazillion of web accounts (bank, newspapers, forums, gaming systems, post office..)

Well, if you’ve up to stuff you know of OpenID which allows you to use single signin system with the systems that support it (unfortunately, few do).

Of course, your browser can be asked to remember your credentials if you need to, which alleviates the problem. However, wouldn’t it be nice if nice drum roll here ...if you could have zero signin system? You know, you just go to the site you wish and no need to login at all? Well, I just read DrNic ’s blog about zero sign in with client certificates and it blew my socks off (I also have an account at myopenid).

You might think this new system is insecure. However, you should have your computer sessions protected by password anyway, and even without any OpenID or Zero signin systems your data security is at stake if a user gets access to your browser unsupervised. So I don’t see any major threats in using cilent certificates, but plenty of login-less web goodness.