Ok. tweet thread time! Too long ago I promised to write a screed explaining how much I hated mutual-auth TLS and why. I got distracted, and I wasn't happy with the writing, so here it is in tweet thread form instead! But basically: Client certs and Mutual-Auth TLS is TERRIBAD.
-
-
Internally we've built a lot of infrastructure around securing certificates, to give one example. I'm comfortable, and even proud, of it all ... but it still makes me sad that it takes so much work and effort and know that few can match it.
-
@threader_app compile - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.