A solution that’s perfect except for onboarding (people usually need to pay to g... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		lxgr 7 months ago \| parent \| context \| favorite \| on: Encrypting files with passkeys and age A solution that’s perfect except for onboarding (people usually need to pay to get a client X.509 cert!), UX, and authenticating to the completely wrong entity (the TLS terminating load balancer instead of the application or authentication server holding user public key credentials). Surprising how that didn’t become a slam dunk replacing passwords!

thyristan 7 months ago [–]

Nope. It used to be that browsers even had a Javascript API to create a keypair and submit the public part to the website in question to register or sign for access privileges. Exactly what Passkeys do nowadays. You never had to pay for your client cert if you didn't need it for mail signatures or something.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact