Pinboard (jm)
https://pinboard.in/u:jm/public/
recent bookmarks from jm

Epic twitter thread from @colmmacc explaining why client certs and mutual-auth TLS are TERRIBAD
2018-10-30T10:27:42+00:00
https://threadreaderapp.com/thread/1057017343438540801.html
jm

Ok. tweet thread time! Too long ago I promised to write a screed explaining how much I hated mutual-auth TLS and why. I got distracted, and I wasn't happy with the writing, so here it is in tweet thread form instead! But basically: Client certs and Mutual-Auth TLS is TERRIBAD.
When I say TERRIBAD, I mean that unless you've got the resources of a big security dept and folks who comb threat models for a living, using client certs and mutual auth probably materially lessens your security. That's NUTS!
(source: https://twitter.com/colmmacc/status/1057017343438540801 )

Tags: terribad rants twitter threads tls ssl authentication mtls security
https://pinboard.in/u:jm/b:39c131ac7d5f/