Episode 526: Brian Campbell on Proof of Possession Defenses
Software Engineering Radio - the podcast for professional software developers
00:00
The User Experience With Mutual TLS
Mutual TLS is a technology that works and is proven but is rather cumbersome to deploy and manage. It's just not a viable solution for anything where the OAuth client itself is running in the web browser. So you can still use MTLS in cases where the sort of server to server component tree is doing all that. But anytime you want to move the client authentication into the web browser, it's just really a non-starter for most cases.
Transcript
Play full episode
