Enrico Zini <enrico@enricozini.org> writes: > On Thu, Aug 27, 2015 at 10:55:19AM +0200, Mario Lang wrote: > >> > - can you use the new certificate-based version? With which browser? >> I apparently managed to manually enroll and download my .crt. >> However, I fail to see a way how to make use of that .crt for lynx yet. >> So currently, no, I can't make use of the new system. > > Ok, I'm evaluating alternatives. Do you have any experience running lynx > through stunnel? No, I'm afraid not. curl --key mlang.key --cert mlang.crt https://sso.debian.org/spkac/test/env|lynx -stdin works, but that is barely a solution since you will not be able to follow any site-specific links. It is a shame lynx apparently doesn't have support for client certificates. OTOH, while I am not really up-to-date with the newest ideas in web development, it strikes me a bit restrictive to require only client certificates for SSO in the future. I can imagine a few situations where I'd just prefer to enter a password, instead of having to make sure my environment is modern and permissive enough to let me have client certs. -- CYa, ⡍⠁⠗⠊⠕
Attachment:
signature.asc
Description: PGP signature