HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Scott_Helme_

no profile record

Submissions

The most popular sites that still don't support passkeys

whynopasskeys.com
4 points·by Scott_Helme_·24 hari yang lalu·8 comments

comments

Scott_Helme_
·23 hari yang lalu·discuss
No, it was more broad than just SE domains, but trying to detect whether a site is suitable for passkeys support automatically is quite the challenge. Some don't allow themselves to be crawled so require manual verification.
Scott_Helme_
·24 hari yang lalu·discuss
I'm not entirely sure that it does, which bit of passkeys are you concerned most with?
Scott_Helme_
·24 hari yang lalu·discuss
This is fixed now: https://whynopasskeys.com/country/se
Scott_Helme_
·2 bulan yang lalu·discuss
Interesting, could you link me to some of those sites so I can investigate?
Scott_Helme_
·2 bulan yang lalu·discuss
I can kind of see it, but you can also just use an authenticator from any manufacturer, or have multiple types that you use? I'm just curious what I'm overlooking.
Scott_Helme_
·2 bulan yang lalu·discuss
What's the concern with using passkeys?
Scott_Helme_
·6 bulan yang lalu·discuss
I did try to make it clear in the article.

We're powering 2 x EVs, have two adults working from home full time, I have a server rack under the stairs, and we have a hot tub outside.
Scott_Helme_
·6 bulan yang lalu·discuss
Absolutely — tariff choice, storage, and automation make a huge difference.

The article isn’t claiming this setup is universally optimal, just showing what’s possible when those pieces are combined and used deliberately.
Scott_Helme_
·6 bulan yang lalu·discuss
We had an expensive solar install due to restrictions around our roof, so the solar would typically have been cheaper.

Another consideration is that battery installations in the UK are charged at 20% VAT, but if they're installed as part of a solar installation, they're charged at 0% VAT. So even if your main interest is in getting the batteries, a small solar install might make sense because of the savings.
Scott_Helme_
·6 bulan yang lalu·discuss
The only restriction placed on you is the export rate, which is provided to you by the DNO here in the UK. We had a limit of 3.8kW placed, which is programmed in to the batteries by the installer.

Octopus also have more flexible battery export tariffs if you want to explore those: https://octopus.energy/smart/flux/
Scott_Helme_
·6 bulan yang lalu·discuss
Nah, there's no Bitcoin mining, honest!
Scott_Helme_
·6 bulan yang lalu·discuss
How did you know about my laser?!
Scott_Helme_
·5 tahun yang lalu·discuss
Thanks! Sometimes the simple tricks are the best ones :)
Scott_Helme_
·5 tahun yang lalu·discuss
There is no reason to differentiate between free certificates and paid certificates. The process works in exactly the same way for either.
Scott_Helme_
·5 tahun yang lalu·discuss
They're all 3 certificates long (leaf/intermediate/root) apart from Let's Encrypt which, due to their cross-signature, are 4 certificates long for ECC.
Scott_Helme_
·5 tahun yang lalu·discuss
If you were to use the same private key for the 4 certificates then you could seamlessly switch between whichever leaf certificate you wanted to serve to the client. I'm not aware of the ability to send multiple leaf certificates to a client for consideration though.
Scott_Helme_
·5 tahun yang lalu·discuss
Let's Encrypt can issue from an ECC chain, I've tweeted[1] the details on how to enable your account for that.

[1] https://twitter.com/Scott_Helme/status/1392101598852222976
Scott_Helme_
·5 tahun yang lalu·discuss
If you get a 1 year certificate then yeah, but otherwise no. The requirement to re-validate the DNS record comes not from the CA or the use of ACME, but the Baseline Requirements[1] §4.2.1, to prove you are still in control of the domain on a somewhat regular basis to obtain new certificates. Every 3 months is more frequent than is required, but there is still a regular (398 day) DCV requirement.

[1] https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-...