Research: Practical Issues with TLS Client Certificate Authentication


The most widely used secure Internet communication standard TLS (Transport Layer Security) has an optional client certificate authentication feature that in theory has significant security advantages over HTML form-based password authentication.

In the paper Arnis Parsovs discusses over practical security and usability issues related to TLS client certificate authentication stemming from the server side and browser implementations. The paper is complemented with a case study performed in Estonia where TLS client certificate authentication is widely used. In the end, recommendations are presented for TLS implementations on the client and server side to improve the security and usability of TLS client certificate authentication.

Read the paper here.


If you didn't find an answer to your question, send it to our team.

  • See instructions
  • Please estimate your ability to use the computer, so that we can provide you with the best guidance


  • Verification failed

How can we improve the article and be more helpful?
Send Close