HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Scott_Helme_

no profile record

Submissions

The most popular sites that still don't support passkeys

whynopasskeys.com
4 points·by Scott_Helme_·24 days ago·8 comments

comments

Scott_Helme_
·23 days ago·discuss
No, it was more broad than just SE domains, but trying to detect whether a site is suitable for passkeys support automatically is quite the challenge. Some don't allow themselves to be crawled so require manual verification.
Scott_Helme_
·24 days ago·discuss
I'm not entirely sure that it does, which bit of passkeys are you concerned most with?
Scott_Helme_
·24 days ago·discuss
This is fixed now: https://whynopasskeys.com/country/se
Scott_Helme_
·2 months ago·discuss
Interesting, could you link me to some of those sites so I can investigate?
Scott_Helme_
·2 months ago·discuss
I can kind of see it, but you can also just use an authenticator from any manufacturer, or have multiple types that you use? I'm just curious what I'm overlooking.
Scott_Helme_
·2 months ago·discuss
What's the concern with using passkeys?
Scott_Helme_
·6 months ago·discuss
I did try to make it clear in the article.

We're powering 2 x EVs, have two adults working from home full time, I have a server rack under the stairs, and we have a hot tub outside.
Scott_Helme_
·6 months ago·discuss
Absolutely — tariff choice, storage, and automation make a huge difference.

The article isn’t claiming this setup is universally optimal, just showing what’s possible when those pieces are combined and used deliberately.
Scott_Helme_
·6 months ago·discuss
We had an expensive solar install due to restrictions around our roof, so the solar would typically have been cheaper.

Another consideration is that battery installations in the UK are charged at 20% VAT, but if they're installed as part of a solar installation, they're charged at 0% VAT. So even if your main interest is in getting the batteries, a small solar install might make sense because of the savings.
Scott_Helme_
·6 months ago·discuss
The only restriction placed on you is the export rate, which is provided to you by the DNO here in the UK. We had a limit of 3.8kW placed, which is programmed in to the batteries by the installer.

Octopus also have more flexible battery export tariffs if you want to explore those: https://octopus.energy/smart/flux/
Scott_Helme_
·6 months ago·discuss
Nah, there's no Bitcoin mining, honest!
Scott_Helme_
·6 months ago·discuss
How did you know about my laser?!
Scott_Helme_
·5 years ago·discuss
Thanks! Sometimes the simple tricks are the best ones :)
Scott_Helme_
·5 years ago·discuss
There is no reason to differentiate between free certificates and paid certificates. The process works in exactly the same way for either.
Scott_Helme_
·5 years ago·discuss
They're all 3 certificates long (leaf/intermediate/root) apart from Let's Encrypt which, due to their cross-signature, are 4 certificates long for ECC.
Scott_Helme_
·5 years ago·discuss
If you were to use the same private key for the 4 certificates then you could seamlessly switch between whichever leaf certificate you wanted to serve to the client. I'm not aware of the ability to send multiple leaf certificates to a client for consideration though.
Scott_Helme_
·5 years ago·discuss
Let's Encrypt can issue from an ECC chain, I've tweeted[1] the details on how to enable your account for that.

[1] https://twitter.com/Scott_Helme/status/1392101598852222976
Scott_Helme_
·5 years ago·discuss
If you get a 1 year certificate then yeah, but otherwise no. The requirement to re-validate the DNS record comes not from the CA or the use of ACME, but the Baseline Requirements[1] §4.2.1, to prove you are still in control of the domain on a somewhat regular basis to obtain new certificates. Every 3 months is more frequent than is required, but there is still a regular (398 day) DCV requirement.

[1] https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-...