Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I know the hacks blog tends to stick to "what web technologies changed" but 72 also introduces "Experimental support for using client certificates from the OS certificate store can be enabled by setting the preference security.osclientcerts.autoload to true (Windows only)." which has always been a huge PITA for me while testing and many interested in these technology changes are probably interested in this flag (though maybe moreso when Mac/Linux get supported).


Safari is terrible with client certs - it seems to store the default on a per page basis rather than per domain. Changing that involves diving deep into keychain.

Chrome usually works but yesterday a colleague had problems where the dialog asking which cert to use wouldn’t respond.

Firefox just works.

It’s a shame that certificates aren’t used more widely. They don’t work at all in captive portal pages on OS X or iphones :(


I've always used the security.enterprise_roots.enabled flag for this, is this new one different?


From the property name it sounds like your property is about trust roots (CAs) and parent's about client certificates (for mutual TLS authentication).


THANK GOD. Now I can 95% swap to Mozilla Firefox for work as well.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: