(Unicode-)String handling done right

Today, found myself reading the chapter about strings on diveintopython3.org.

Now, I’m no Python programmer by any means. Sure. I know my share of Python and I really like many of the concepts behind the language. I have even written some smaller scripts in Python, but it’s not my day-to-day language.

That chapter about string handling really really impressed me though.

In my opinion, handling Unicode strings they way python 3 is doing is exactly how it should be done in every development environment: Keep strings and collections of bytes completely separate and provide explicit conversion functions to convert from one to the other.

And hide the actual implementation from the user of the language! A string is a collection of characters. I don’t have to care how these characters are stored in memory and how they are accessed. When I need that information, I will have to convert that string to a collection of bytes, giving an explicit encoding how I want that to be done.

This is exactly how it should work, but implementation details leaking into the language are mushing this up in every other environment I know of making it a real pain to deal with multibyte character sets.

Features like this is what convinces me to look into new stuff. Maybe it IS time to do more python after all.

Do not change base library behavior

Modern languages like JavaScript or Ruby provide the programmer with an option to “reopen” any class to add additional behavior to them. In the case of Ruby and JavaScript, this is not constrained in any way: You are able to reopen any  class – even the ones that come with your language itself and there are no restrictions on the functionality of your extension methods.

Ruby at least knows of the concept of private methods and fields which you can’t call from your additional methods, but that’s just Ruby. JS knows of no such thing.

This provides awesome freedom to the users of these languages. Agreed. Miss a method on a class? Easy. Just implement that and call it from wherever you want.

This also helps to free you from things like

BufferedReader br = new BufferedReader(new InputStreamReader(new FileInputStream(of)));

which is lots of small (but terribly inconventiently named) classes wrapped into each other to provide the needed functionality. In this example, what the author wanted is to read a file line-by-line. Why exactly do I need three objects for this? Separation of concern is nice, but stuff like this make learning a language needlessly complicated.

In the world of Ruby or JS, you would just extend FileInputStream with whatever functionality you need and then call that, creating code that is much easier to read.

FileInputStream.prototype.readLine = function(){...}
//...
of.readLine();
//...

And yet, if you are a library (as opposed to consumer code), this is a terrible, terrible thing to do!

We have seen previous instances of the kind of problems you will cause: Libraries adding functionality to existing classes create real problems when multiple libraries are doing the same thing and the consuming application is using both libraries.

Let’s say for example, that your library A added that method sum() to the generic Array class. Let’s also say that your consumer also uses library B which does the same thing.

What’s the deal about this, you might ask? It’s pretty clear, what sum does after all?

Is it? It probably is when that array contains something that is summable. But what if there is, say, a string in the array you want to sum up? In your library, the functionality of sum() could be defined as “summing up all the numeric values in the array, assuming 0 for non-numeric values”. In the other library, sum() could be defined as “summing up all the numeric values in the array, throwing an exception if sum() encounters invalid value”.

If your consumer loads your library A first and later on that other library B, you will be calling B’s Array#sum().

Now due to your definition of sum(), you assume that it’s pretty safe to call sum() with an array that contains mixed values. But because you are now calling B’s sum(), you’ll get an exception you certainly did not expect in the first place!

Loading B after A in the consumer caused A to break because both created the same method conforming to different specs.

Loading A after B would fix the problem in this case, but what, say, if both you and B implement Array#avg, but with reversed semantics this time around?

You see, there is no escape.

Altering classes in the global name space breaks any name spacing facility that may have been available in your language. Even if all your “usual” code lives in your own, unique name space, the moment you alter the global space, you break out of your small island and begin to compete with the rest of the world.

If you are a library, you cannot be sure that you are alone in that competition.

And even if you are a top level application you have to be careful not to break implementations of functions provided by libraries you either use directly or, even worse, indirectly.

If you need a real-life example, the following code in an (outdated) version of scriptaculous’ effects.js broke jQuery, despite the latter being very, very careful to check if it can rely on the base functionality provided:

Array.prototype.call = function() {
 var args = arguments;
 this.each(function(f){ f.apply(this, args) });
}

Interestingly enough, Array#call wasn’t used in the affected version of the library. This was a code artifact that actually did nothing but break a completely independent library (I did not have time to determine the exact nature of the breakage).

Not convinced? After all I was using an outdated version of scriptaculous and I should have updated (which is not an option if you have even more libraries dependent on bugs in exactly that version – unless you update all other components as well and then fix all the then broken unit tests).

Firefox 3.0 was the first browser to add document.getElementByClassName, a method also implemented by Prototype. Of course the functionality in Firefox was slightly different from the implementation in Prototype, which now called the built-in version instead its own version which caused a lot of breakage all over the place.

So, dear library developers, stay in your own namespace, please. You’ll make us consumers (and your own) lives so much more easier.

digg bar controversy

Update: I’ve actually written this post yesterday and scheduled it for posting today. In the mean time, digg has found an even better solution and only shows their bar for logged in users. Still – a solution like the one provided here would allow for the link to go to the right location regardless of the state of the digg bar settings.

Recently, digg.com added a controversial feature, the digg bar, which basically frames every posted link in a little IFRAME.

Rightfully so, webmasters were concerned about this and quite quickly, we had the usual religious war going on between the people finding the bar quite useful and the webmasters hating it for lost page rank, even worse recognition of their site and presumed affiliation with digg.

Ideas crept up over the weekend, but turned out not to be so terribly good.

Basically it all boils down to digg.com screwing up on this, IMHO.

I know that they let you turn off that dreaded digg bar, but all the links on their page still point to their own short url. Only then is the decision made whether to show the bar or not.

This means that all links on digg currently just point to digg itself, not awarding any linked page with anything but the traffic which they don’t necessarily want. Digg-traffic isn’t worth much in terms of returning users. You get dugg, you melt your servers, you return back to be unknown.

So you would probably appreciate the higher page rank you get from being linked at by digg as that leads to increased search engine traffic which generally is worth much more.

The solution on diggs part could be simple: Keep the original site url in the href of their links, but use some JS-magic to still open the digg bar. That way they still get to keep their foot in the users path away from the site, but search engines will now do the right thing and follow the links to their actual target, thus giving the webmasters their page rank back.

How to do this?

Here’s a few lines of jQuery to automatically make links formated in the form

be opened via the digg bar while still working correctly for search engines (assuming that the link’s ID is the digg shorturl):

$(function(){
  $('div#link_container a').click(function(){
    $(this).attr('href') = 'http://digg.com/' + this.id;
  });
});

piece of cacke.

No further changes needed and all the web masters will be so much happier while digg gets to keep all the advantages (and it may actually help digg to increase their pagerank as I could imagine that a site with a lot of links pointing to different places could rank higher than one without any external links).

Webmasters then still could do their usual parent.location.href trickery to get out of the digg bar if they want to, but they could also retain their page rank.

No need to add further complexity to the webs standards because one site decides not to play well.

All-time favourite tools – update

It has been more than four years since I’ve last talked about my all-time favourite tools. I guess it’s time for an update.

Surprisingly, I still stand behind the tools listed there: My love for Exim is still un-changed (it just got bigger lately – but that’s for another post). PostgreSQL is cooler than ever and powers PopScan day-in, day-out without flaws.

Finally, I’m still using InnoSetup for my Windows Setup programs, though that has lost a bit of importance in my daily work as we’re shifting more and more to the web.

Still. There are two more tools I must add to the list:

  • jQuery is a JavaScript helper libary that allows you to interact with the DOM of any webpage, hiding away browser incompatibilities. There are a couple of libraries out there which do the same thing, but only jQuery is such a pleasure to work with: It works flawlessly, provides one of the most beautiful APIs I’ve ever seen in any library and there are tons and tons of self-contained plug-ins out there that help you do whatever you would want to on a web page.
    jQuery is an integral part of making web applications equivalent to their desktop counterparts in matters of user interface fluidity and interactivity.
    All while being such a nice API that I’m actually looking forward to do the UI work – as opposed to the earlier days which can most accurately be described as UI sucks.
  • git is my version control system of choice. There are many of them out there in the world and I’ve tried the majority of them for one thing or another. But only git combines the awesome backwards-compatibility to what I’ve used before and what’s still in use by my coworkers (SVN) with abilities to beautify commits, have feature branches, very high speed of execution and very easy sharing of patches.
    No single day passes without me using git and running into a situation where I’m reminded of the incredible beauty that is git.

In four years, I’ve not seen one more other tool I’ve as consistenly used with as much joy as git and jQuery, so those two certainly have earned their spot in my heart.

Food for thought

 

  1. When you open a restaurant, you know the risk of people going to the supermarket and cook their own meal, not paying you as the restaurant owner.
  2. When you publish a book, you know there are going to be libraries where people can share one copy of your work.
  3. When you build a house and sell it, you know the people living there will be going in and out of your house for year without ever paying you anything more.
  4. When you live in a family and clean the parents car for one Euro, you know about the risk of your sister doing it for 50 cents next time around.

But

  1. The music industry claims to have a monopoly on their work, managing to get laws created that allow them to control distribution and disallow anybody to create a lookalike without paying them.
  2. The game industry is hard at work making it impossible for honest customers to even use the game they bought on multiple devices. And now they even begin to go after the used games market (think about that SNES pearl you just saw in your small games store. The one you wanted so badly ever since you’ve been young. Wouldn’t it be a shame it was illegal for them to sell it?)
  3. The entertainment industry is hard at work to make you pay for every device you want to play the same content on.
  4. Two words. “SMS pricing”.

Why do things applying to “small people” not apply to the big shots? Why does the government create laws to turn around well-known facts we have grown up with just so that the wealthy companies (the ones not paying nearly enough taxes) can get even wealthier?

I just don’t get it.

… and back to Thunderbird

It has been a while since I’ve last posted about email – still a topic very close to my heart, be it on the server side or on the client side (though the server side generally works very well here, which is why I don’t post about it).

Waybackwhen, I’ve written about Becky! which is also where I’ve declared the points I deemed important in a mail client. A bit later, I’ve talked about The Bat!, but in the end, I’ve settled with Thunderbird, just to switch to Mac Mail when I’ve switched to the Mac.

After that came my excursion to Gmail, but now I’m back to Thunderbird again.

Why? After all, my Gmail review sounded very nice, didn’t it?

Well…

  • Gmail is blazingly fast once it’s loaded, but starting the browser and then gmail (it loads so slow that “starting (the) gmail (application)” is a valid term to use) is always slower than just keeping a mail client open on the desktop.
  • Google Calendar Sync sucks and we’re using Exchange/Outlook here (and are actually quite happy with it – for calendaring and address books – it sucks for mail, but it provides decent IMAP support), so there was no way for the other folks here to have a look at my calendar.
  • Gmail always posts a “Sender:”-Header when using a custom sender domain which technically is the right thing to do, but Outlook on the receiving end screws up by showing the mail as being “From xxx@gmail.com on behalf of xxx@domain.com” which isn’t really what I’d want.
  • Google’s contact management offering is sub par compared even to Exchange.
  • iPhone works better with Exchange than it does with Google (yes. iPhone, but that’s another story).
  • The cool Gmail MIDP client doesn’t work/isn’t needed on the iPhone, but originally was one of the main reasons for me to switch to Gmail.

The one thing I really loved about Gmail though was the option of having a clean inbox by providing means for archiving messages with just a single keyboard shortcut. Using a desktop mail client without that funcationality wouldn’t have been possible for me any more.

This is why I’ve installed Nostalgy, a Thunderbird extension allowing me to assign a “Move to Folder xxx” action to a single keystroke (y in my case – just like gmail).

Using Thunderbird over Mac Mail has its reasons in the performance and in the crazy idea of Mac Mail to always download all the messages. Thunderbird is no race horse, but Mail.app isn’t even a slug.

Lately, more and more interesting posts regarding the development of Thunderbird have appeared on Planet Mozilla, so I’m looking forward to see Thunderbird 3 taking shape in its revitalized form.

I’m all but conservative in my choice of applications and gadgets, but Mail  – also because of its importance for me – must work exactly as I want it. None of the solutions out there are doing that to the full extent, but TB certainly comes closest. Even after years of testing and trying out different solutions, TB is the thing that solves most of my requirements without adding new issues.

Gmail is splendid too, but it presents some shortcomings TB doesn’t come with.

What sucks about the Touch Diamond

Contrary to all thinking and common-sense I’ve displayed in my «Which phone for me?»-post, I went and bought the Touch Diamond. The perspective of having a hackable device with high resolution, GPS and voip capability and flawlessly working Exchange-Synchronization finally pushed me over – oh and of course I just like new gadgets to try out.

In my dream world, the Touch would even replace my iPod Touch as a video player and bathtub browser, so I could go back to my old Nano for podcasts.

Unfortunately, the Touch is not much more than any other Windows Mobile phone with all the suckage and half-working features they usually come with. Here’s the list:

  • VoIP is a no-go. The firmware of the Touch is crippled and does not provide Windows Mobile 6+ SIP support, Skype doesn’t run on Windows Mobile 6.1, but all that doesn’t matter anway because none of the Voip-Solutions actually use the speakerphone. You can only get VoIP sound on the amplified speaker on the back of the phone – or you use a headset at which time, the thing isn’t better than any other VoIP solution at my disposal.
  • GPS is a no go as the Diamond takes *ages* to find a signal and it’s really fiddly to get it to work – even just in the integrated Google maps application.
  • Typing anything is really hard despite HTC really trying. Whichever input method you chose, you lose: The Windows Mobile native solutions only work with the pen and the HTC keypads are too large for the applications to remain really usable. Writing SMSes takes me so much longer than every other smart phone I’ve tried before.
  • T9 is a nice idea, but here and then, you need to enter some special chars. Like dots. Too bad that they are hidden behind another menu – especially the dot.
  • This TouchFLO 3D-thingie sounds nice on the web and in all the demonstrations, but it sucks anway, mainly because it’s slow as hell. The iPhone interface doesn’t just look good, it’s also responsive, which is where HTC fails. Writing an SMS message takes *minutes* when you combine the embarrassingly slow loading time of the SMS app with the incredibly fiddly text input system.
  • You only get a German T9 with the German version of the Firmware which has probably been translated using Google Translation or Babelfish.
  • The worst idea ever from a consumer perspective was that stupid ExtUSB connector. Aside of the fact that you’d practically have to buy an extra cable to sync from home and the office, you also need another extra cable if you want to plug in decent headphones. The ones coming with the device are unusable and it’s impossible to plug better ones. Also, the needed adapter cable is currently not available to buy anywhere I looked.
  • The screen, while having a nice DPI count is too small to be usable for earnest web browsing. Why does windows mobile have to paint everything four times as large when there are four times as many pixels available?
  • Finger gestures just don’t work on a touch sensitive display, no matter how much they try. At least they don’t work once you are used to the responsiveness and accuracy of an iPhone (or iPod touch).
  • The built-in opera browser, while looking nice and providing a much better page zoom feature than the iPod Touch also is unusable because it’s much too slow.

So instead of having a possible iPhone killer in my pocket, I have a phone that provides around zero more actually usable functionality than my previous W880i and yet is much slower, crashier, larger and heavier than the old solution.

Here’s the old feature comparison table listing the features I tought the touch would have as opposed to the features the touch actually has:

assumed actually
Phone usage
Quick dialing of arbitrary numbers (the phone application takes around 20 seconds to load, the buttons are totally unresponsive)
Acceptable battery life (more than two days) ? yes. Actually yes. 4 days is not bad.
usable as modem yes yes
usable while not looking at the device limited not at all mainly because of the laggyness of the interface
quick writing of SMS messages it’s much, much worse than anticipated.
Sending and receiving of MMS messages yes not really. Sending pictures is annoying as hell and everything is terribly slow.
PIM usage
synchronizes with google calendar/contacts
synchronizes with Outlook yes yes
usable calendar yes very, very slow
usable todo list yes slow
media player usage
integrates into current iTunes based podcast workflow
straight forward audio playing interface
straight forward video playing interface
acceptable video player yes no. No sound due to no way to plug my own headphones.
hackability
ssh client yes not really. putty doesn’t quite work right on VGA Winmob 6.1
skype client yes no. a) it doesn’t work and b) it would require headset usage as skype is unable to use the speakerphone.
OperaMini (browser usable on GSM) yes limited. No softkeys and touch-buttons too small to reliably hit.
WLAN-Browser yes no. Too slow, Screen real estate too limited.

Now tell me how this could be called progress.

I’m giving this thing until the end of the week. Maybe I get used to its deficiencies in the matters of interface speed. If not, it’s gone. As is the prospective of me buying any other Windows Mobile phone. Ever.

Sorry for the rant, but it had to be.

Which phone for me?

I’m a quite happy user of my Sony Ericsson W880i / iPod Touch combo: The touch is for listening to podcasts and watching video, the W880i is for SMSing and making a phone call here and then, though it’s mostly for getting called these days. Skype exists and works well.

Now with all the new toysinteresting devices coming out all over the place, maybe it’s time to reevaluate the different options. 3G iPhone? Something Windows Mobile based (though the touch diamond seems to be the way to go)? My old phone? Or a combination of any of them?

I tried to make a tabular comparison, where I’m listing the phones by use cases. And I’m only listening features interesting for me. Your points may differ from the ones presented here. This is, after all, a guide I used to pick a solution.

iPhone Touch Diamond W880i
Phone usage
Quick dialing of arbitrary numbers yes
Acceptable battery life (more than two days) ? ? yes
usable as modem probably not yes yes
usable while not looking at the device limited yes
quick writing of SMS messages yes
Sending and receiving of MMS messages1 yes yes
PIM usage
synchronizes with google calendar/contacts2 maybe yes. Contacts limited
synchronizes with Outlook maybe yes not reliably
usable calendar yes yes
usable todo list yes
media player usage
integrates into current iTunes based podcast workflow3 yes
straight forward audio playing interface yes
straight forward video playing interface4
acceptable video player5 limited yes
hackability
ssh client maybe yes
skype client6 maybe yes
OperaMini (browser usable on GSM) yes yes
WLAN-Browser yes yes

Notes:

  1. While I’m not using it often, here and then I come across something funny which I want to share with my parents or my girlfriend. MMS is the optimal medium for that. I send about one MMS per two months and I receive around 2 MMS per month, so this is probably not as important.
  2. Using Services like GooSync it is possible to synchronize the W880i with the Google services, though Google’s Contact API currently isn’t in a state where it would be useful for actually using it to synchronize contacts with the pone – mainly due to not providing an option to synchronize only certain matching contacts.
  3. iTunes not only downloads Podcasts but also keeps track of playback position and the new/not new state across devices and computers. I’m subscribed to more than 20 podcasts, so such features are essential for me.
  4. Neither the iPhone nor the WinMob devices provide an user experience for playing video that even comes close to match the one the iPhone would provide for Audio files.
  5. The Video player on the iPhone is limited to MP4-packaged H.264 files, whereas there are Media Players for WinMob that can handle whatever you throw at them.
  6. Skype is available as a JavaME application, but in addition to the (horrendous) GPRS charge, Skype also charges you, whether you make or receive calls. This is why I listed skype support as missing on the W880i

What’s missing in the comparison table is one of the upcoming large Windows Mobile devices with built-in keyboards like the Sony Ericcson XPERIA or the Touch Diamond pro. This class of devices does provide more convenient typing, but their usability still doesn’t even come close to matching a pure phones one. You’d still have to browse through menus, search special keys (like umlauts) and stuff. It’s just that typing has become a bit easier.

These little usability benefits do not even come close to offset the weight and especially thickness of these devices which is why I’m not listening them in the table above.

But let’s discuss the tables content for now:

First the obvious: The best phone in the list is… well… the phone. Neither of the two smart phones is capable of bringing a pure phone user experience that comes even close to what a real phone with a real keyboard can provide.

In case you wonder: I’m a heavy user of T9. Typing with a 10-key keypad assisted by T9 feels completely natural to me and the W880i provides really nice T9 functionality with quick access to suggestions and other shortcuts, so I’m actually inclined to say that I’m quicker to type on that phone than I would even be with one of the larger keyboard-based smart phones, mainly due to shorter distances to travel with the finger(s). With my ~100 SMS per month, I consider myself to be a heavy user of SMS, so quick and easy SMS writing and reception is a key feature for me.

Aside of that, the phone is more or less just that: A phone. It doesn’t really shine in every other aspect. Music kind-of works, but is unusable for Podcasts due to not saving playback position between launches of the media application, let alone synchronizing the playback position across devices.

Video, applications and even just browsing beyond the means of what OperaMini can provide are out of the question.

As such, the W880i basically is like grep. Or sort. Or uniq. Or like any other of these little UNIX utilities: It does one thing and it does it well.

The WinMob phones provide not much better media support (they do play video, but for Podcasts they are still not as good as iTunes), but they shine in the realm of hackability and, of course, the PIM synchronization, though there they more or less only work with Exchange. Also, the larger screen provides the user with a lot more possibilities UI-wise.

So while the W880i is the better phone, the WinMob devices are the better PIM solution and better platform to hack on which appeals the geek in me quite more – obviously.

The iPhone is limited in its capabilities as a phone, provides next to no hackability and will probably come with some enforced phone contract here in Switzerland. It does shine in the media department though, but that part is also perfectly well handled by my current iPod Touch to which I can easily (at the cost of $10) add the limited hackability the iPhone is going to get – should I need it.

Looking at this, the iPhone certainly looks like an uninteresting solution: All it would provide I currently have in the touch, aside of the phone, for which I currently have a better solution anyways.

Replacing the W880i/touch combo with either an iPhone or a WinMob solution seems like a stupid thing to do as I’d lose the good usability of the phone and/or the nice Media capabilities of the touch.

So in the end, I have only a couple of options which would work for me:

  • Replace my W880i/touch combo with a W880i/iPhone combo and use the iPhone as an always-connected surf station with limited hackability. This, frankly, is just too expensive to be of any value as it would mean to get a second mobile contract just for surfing here and then, while still forcing me to keep the data option for my W880i because the iPhone is not usable as a modem in case I need to emergency-repair a server or something.
  • Replace the W880i in my combo with the Touch Diamond: With every earlier model of WinMob devices, this would have been completely un-doable due to the thickness of the devices. The Diamond is not much thicker than the W880i, so the Diamond and the iPod Touch would still fit the same pocket in my trousers. I would lose the kick-ass usability of the W880i, but I would gain a real in-bed media player (without transcoding), an emergency SSH client and a completely working PIM with totally working synchronization.
  • Keep my solution as it currently is, while keeping in mind that ever since I got the touch, it provides all the features I would ever need: A kick-ass phone, an acceptable video player, a kick-ass music player and two browsers – one for each type of usage: The OperaMini when I’m forced to use the slow GSM and Safari on the Touch when I have WLAN (you would not want to use Safari over GSM – I tried).

It’s funny: I’m so much in love with technology and gadgets. I’m always on the lookout for new stuff, always trying out new, so called revolutionary technology. I’ve tried to many phone solutions in my life (just look at this blog), but I finally think that I have found a solution I’m willing to stick with.

The current W880i/Touch combo works so well that I don’t see any other solution that would only provide me with advantages. Each and every other new device comes with inherent drawbacks.

I guess, for once, I pass. I’ll stick around with my outdated solution and I’ll wait for the next revolution. What I currently have just works too well.

Why is nobody using SSL client certificates?

Did you know that ever since the days of Netscape Navigator 3.0, there is a technology that allows you to

  • securely sign on without using passwords
  • allow for non-annoying two-factor authentication
  • uniquely identify yourself to third-party websites without giving the second party any account information

All of this can be done using SSL client certificates.

You know: Whenever you visit an SSL protected page, what usually happens is that your browser checks the identity of the remote site by checking their certificate. But what also could happen is that the remote site could check your identity using a previously issued certificate.

This is called SSL client side certificate.

Sites can make the browser generate a keypair for you. Then they’ll sign your public key using their private key and they’ll be able to securely identify you from then on.

The certificate is stored in the browser itself and your browser will send it to any (SSL protected) site requesting it. The site in turn could then identify you as the owner of the private key associated to the presented certificate (provided the key wasn’t generated on a pre-patch Debian installation *sigh*).

The keypair is bound to the machine it was generated on, though it can be exported and re-imported on a different machine.

It solves our introductory three problems like this:

  • by presenting the certificate, the origin server can identify you. No need to enter a user name or a password.
  • By asking for a password (something you know) and comparing the SSL certificate (something you have), you get cheap and easy two factor authentication that’s a lot more secure than asking for your mothers maiden name.
  • If the requesting party in a three-site scenario knows your public key and uses that to request information from a requested party, you, can revoke access by this key at any time without any of the parties knowing your username and password.

Looks very nice, doesn’t it?

So why isn’t it used more often (read: at all)?

This is why:

Picture underlining the

The screenshot shows what’s needed to actually have a look at the client side certificates installed in your browser, which currently is the only way of accessing them. Let’s say you want to copy a keypair from one machine to another. You’ll have to:

  1. Open the preferences (many people are afraid of even that)
  2. Select Advanced (scary)
  3. Click Encryption (encry… what?)
  4. Click “View Certificates” (what do the other buttons do? oops! Another dialog?)
  5. Select your certificate (which one?) and click “Export” (huh?)

Even generation of the key is done in-browser without feedback by the site requesting the key.

This is like basic authentication (nobody uses this one) vs. forms based authentication (which is what everybody uses): It’s non-themeable, scary, modal and complicated.

What we need for client side certificates to become useful is a way for sites to get more access to the functionality than they currently do: They need information on the key generation process. They should allow the user to export the key and to re-import it (just spawning two file dialogs should suffice – of course the key must not be transmitted to the site in the process). They need a way to list the keys installed in a browser. They need to be able to add and remove keys (on the user’s request).

In the current state, this excellent idea is rendered completely useless by the awful usability and the completely detached nature: This is a browser feature. It’s browser dependent without a way for the sites to control it – to guide users through steps.

For this to work, sites need more control.

Without giving them access to your keys.

<divpInteresting problem. Isn’t it?</p>