| Abstract: | This article explores the advantages and disadvantages of end user/client digital certificates as means of online authentication in a higher or further education information environment. We conclude that the use of client certificates is feasible and scalable. Nevertheless, it is valid to question whether there is a future in such a technology. Certificates could be useful to some users as the front-end authentication tokens for single sign on systems and we believe that it is not critical that most users will never fully understand how they work. With feedback from over eighty users, with a broad spectrum of technical abilities, the Digital Certificate Operation in a Complex Environment (DCOCE) project looked deeply into the usability of such credentials. Whatever access management technology an institution uses, there is much to learn from the human methodologies of public key infrastructure (PKI) and how these can be made to scale. The use of local user registration individuals to issue user credentials is to be encouraged. Library services are good examples of resources that may be authorized centrally, but other services are not suited to central authorization control. We consider these issues and indicate where digital certificates could be used in the future access management protocols within the UK. |
