Considerations when implementing Client Certificate authentication
Client certificate authentication, while highly secure, isn't for everyone, and isn't appropriate for every situation.
- Certificates establish a framework of mutual trust in which both parties (client and server) can verify that the other is who it says it is
- Certificate-based authentication, if implemented properly, is much more difficult to spoof or tamper with than other forms of authentication
- If a well-supported browser is used and configured correctly, client certificate authentication can effectively act as a single sign-on solution, enabling transparent login to all certificate-secured applications
- Use of certificates typically requires the entire user population to have ...