I've long wondered about that. Are there really no browser based public key
based solutions? Are there any fundamental reasons why that is like that
other than that it never got implemented, or never became popular?
It seems like the "right" solution for the password problem.
-Martijn
I think TLS has a feature where the client can also provide a
certificate, in order to use certificates to authenticate users. I've
never heard of a site actually using it.
--bawolff