Re client certs and usernames -- a nice convention in geminispace could be that if you claim in a forum like this to be e.g. foo@tilde.black, then your client certificate has to be signed by the certificate served by tilde.black, with Common Name "foo". Could this work?
Nice idea. An extension to that could be public "identity servers" where you can attach a name to your cert
Alternatively I was thinking of just hashing the identity and showing the hash as a pseudonymous
Anybody interested in tying identities to client certificates needs to read up on FOAF+SSL! The *original* decentralised TLS-based social network: https://webcache.googleusercontent.com/search?q=cache:uwOH2jZPHisJ:https://www.w3.org/wiki/Foaf%2Bssl+&cd=1&hl=en&ct=clnk&gl=br
@21: Right, but what if solderpunk wants to post, and identify as solderpunk... are we all meant to learn seir cert hash?
@26 in that case the purpose of pseudonyms would only be to tell that two posts were made by the same person, not to identify them
pseudonyms are implemented! only hashes for now, no usernames (which are a bit more complex both for me and for the user)
I don't get it. If we can agree tha user tracking is one of the worst things of the www, why do ywe want to track users iniquely with a user cert? Please, staph! :)
well, there's a difference between tracking an user without their knowledge and letting them have the power to authenticate themselves