Hacker News new | comments | show | ask | jobs | submit login

Does anyone know of a good reason not to use TLS with client-side certificates (and you as the CA) for API authentication?



It can become a pain to manage from the server side (issuing new ones &c), but technically they're pretty nice. The company I used to work for used them for their api.


Yeah, limited library support for client certs.


Let's fix that...




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: