>People should be building the next ssh, not the next PGP.
Yeah. I'd like something that simple and secure (where users can use the same private key across sites) for web browsers. X509 client authentication, as far as I can tell, doesn't cut the mustard. Among other problems, it requires trusted certificate authorities, which causes... problems.
there are good reasons to want a unique key per site (avoiding linking across sites), and most of the problems with x509 (aside from it just being lame) are due to UI/UX in browsers, especially legacy desktop browsers, and lack of good support elsewhere. You could even get away without CAs (or where site = CA) for the client cert problem, too.
It's really not an open crypto research problem; it's design and software engineering and entrepreneurship/marketing.
Yeah. I'd like something that simple and secure (where users can use the same private key across sites) for web browsers. X509 client authentication, as far as I can tell, doesn't cut the mustard. Among other problems, it requires trusted certificate authorities, which causes... problems.