Apple is working towards iCloud Keychain-backed public-key-based credentials to replace passwords.

Sounds good! Client certs demonstrate that crypto-based user authentication is a great solution. Having a secure store for the keys/certs is essential, though.

@jk Apple rediscovering TLS client certs reminds me of Google rediscovering RSS and Atom feeds. Like, better late than never, it's good that they're supporting it but come on, it's not like you're inventing something new, you're just finally integrating established, 20-year-old technologies into your product.

@nytpu I'm sure they also appreciate the lock-in aspect of having all your private keys only accessible on Apple devices. 😏

However, this is based on WebAuthn and it does seem to have a way to perform the user auth via Bluetooth as well:

Hopefully it'll actually work that way at some point in the future, so any biometrically secured device can be used as a key when signing in.

@jk Hopefully it'll at least be a token open standard even if no one else supports it initially, like FIDO U2F was a pure Google thing but then they made it a spec so other things started supporting it (very slowly).

