[html5] r2960 - [acgow] (2) First cut at defining <keygen>. Affects parser, rendering, and form [...]

whatwg at whatwg.org whatwg at whatwg.org
Mon Apr 6 20:48:38 PDT 2009


Author: ianh
Date: 2009-04-06 20:48:37 -0700 (Mon, 06 Apr 2009)
New Revision: 2960

Modified:
   index
   source
Log:
[acgow] (2) First cut at defining <keygen>.  Affects parser, rendering, and form submission.

Modified: index
===================================================================
--- index	2009-04-06 08:24:27 UTC (rev 2959)
+++ index	2009-04-07 03:48:37 UTC (rev 2960)
@@ -39,7 +39,7 @@
   <div class=head>
    <p><a class=logo href=http://www.whatwg.org/ rel=home><img alt=WHATWG src=/images/logo></a></p>
    <h1>HTML 5</h1>
-   <h2 class="no-num no-toc" id=draft-recommendation-—-date:-01-jan-1901>Draft Recommendation — 6 April 2009</h2>
+   <h2 class="no-num no-toc" id=draft-recommendation-—-date:-01-jan-1901>Draft Recommendation — 7 April 2009</h2>
    <p>You can take part in this work. <a href=http://www.whatwg.org/mailing-list>Join the working group's discussion list.</a></p>
    <p><strong>Web designers!</strong> We have a <a href=http://blog.whatwg.org/faq/>FAQ</a>, a <a href=http://forums.whatwg.org/>forum</a>, and a <a href=http://www.whatwg.org/mailing-list#help>help mailing list</a> for you!</p>
    <dl><dt>Multiple-page version:</dt>
@@ -583,32 +583,33 @@
      <li><a href=#the-optgroup-element><span class=secno>4.10.8 </span>The <code>optgroup</code> element</a></li>
      <li><a href=#the-option-element><span class=secno>4.10.9 </span>The <code>option</code> element</a></li>
      <li><a href=#the-textarea-element><span class=secno>4.10.10 </span>The <code>textarea</code> element</a></li>
-     <li><a href=#the-output-element><span class=secno>4.10.11 </span>The <code>output</code> element</a></li>
-     <li><a href=#association-of-controls-and-forms><span class=secno>4.10.12 </span>Association of controls and forms</a></li>
-     <li><a href=#attributes-common-to-form-controls><span class=secno>4.10.13 </span>Attributes common to form controls</a>
+     <li><a href=#the-keygen-element><span class=secno>4.10.11 </span>The <code>keygen</code> element</a></li>
+     <li><a href=#the-output-element><span class=secno>4.10.12 </span>The <code>output</code> element</a></li>
+     <li><a href=#association-of-controls-and-forms><span class=secno>4.10.13 </span>Association of controls and forms</a></li>
+     <li><a href=#attributes-common-to-form-controls><span class=secno>4.10.14 </span>Attributes common to form controls</a>
       <ol>
-       <li><a href=#naming-form-controls><span class=secno>4.10.13.1 </span>Naming form controls</a></li>
-       <li><a href=#enabling-and-disabling-form-controls><span class=secno>4.10.13.2 </span>Enabling and disabling form controls</a></li>
-       <li><a href="#a-form-control's-value"><span class=secno>4.10.13.3 </span>A form control's value</a></li>
-       <li><a href=#autofocusing-a-form-control><span class=secno>4.10.13.4 </span>Autofocusing a form control</a></li>
-       <li><a href=#limiting-user-input-length><span class=secno>4.10.13.5 </span>Limiting user input length</a></li>
-       <li><a href=#form-submission><span class=secno>4.10.13.6 </span>Form submission</a></ol></li>
-     <li><a href=#constraints><span class=secno>4.10.14 </span>Constraints</a>
+       <li><a href=#naming-form-controls><span class=secno>4.10.14.1 </span>Naming form controls</a></li>
+       <li><a href=#enabling-and-disabling-form-controls><span class=secno>4.10.14.2 </span>Enabling and disabling form controls</a></li>
+       <li><a href="#a-form-control's-value"><span class=secno>4.10.14.3 </span>A form control's value</a></li>
+       <li><a href=#autofocusing-a-form-control><span class=secno>4.10.14.4 </span>Autofocusing a form control</a></li>
+       <li><a href=#limiting-user-input-length><span class=secno>4.10.14.5 </span>Limiting user input length</a></li>
+       <li><a href=#form-submission><span class=secno>4.10.14.6 </span>Form submission</a></ol></li>
+     <li><a href=#constraints><span class=secno>4.10.15 </span>Constraints</a>
       <ol>
-       <li><a href=#definitions><span class=secno>4.10.14.1 </span>Definitions</a></li>
-       <li><a href=#constraint-validation><span class=secno>4.10.14.2 </span>Constraint validation</a></li>
-       <li><a href=#the-constraint-validation-api><span class=secno>4.10.14.3 </span>The constraint validation API</a></li>
-       <li><a href=#security-0><span class=secno>4.10.14.4 </span>Security</a></ol></li>
-     <li><a href=#form-submission-0><span class=secno>4.10.15 </span>Form submission</a>
+       <li><a href=#definitions><span class=secno>4.10.15.1 </span>Definitions</a></li>
+       <li><a href=#constraint-validation><span class=secno>4.10.15.2 </span>Constraint validation</a></li>
+       <li><a href=#the-constraint-validation-api><span class=secno>4.10.15.3 </span>The constraint validation API</a></li>
+       <li><a href=#security-0><span class=secno>4.10.15.4 </span>Security</a></ol></li>
+     <li><a href=#form-submission-0><span class=secno>4.10.16 </span>Form submission</a>
       <ol>
-       <li><a href=#introduction-0><span class=secno>4.10.15.1 </span>Introduction</a></li>
-       <li><a href=#implicit-submission><span class=secno>4.10.15.2 </span>Implicit submission</a></li>
-       <li><a href=#form-submission-algorithm><span class=secno>4.10.15.3 </span>Form submission algorithm</a></li>
-       <li><a href=#url-encoded-form-data><span class=secno>4.10.15.4 </span>URL-encoded form data</a></li>
-       <li><a href=#multipart-form-data><span class=secno>4.10.15.5 </span>Multipart form data</a></li>
-       <li><a href=#plain-text-form-data><span class=secno>4.10.15.6 </span>Plain text form data</a></ol></li>
-     <li><a href=#resetting-a-form><span class=secno>4.10.16 </span>Resetting a form</a></li>
-     <li><a href=#event-dispatch><span class=secno>4.10.17 </span>Event dispatch</a></ol></li>
+       <li><a href=#introduction-0><span class=secno>4.10.16.1 </span>Introduction</a></li>
+       <li><a href=#implicit-submission><span class=secno>4.10.16.2 </span>Implicit submission</a></li>
+       <li><a href=#form-submission-algorithm><span class=secno>4.10.16.3 </span>Form submission algorithm</a></li>
+       <li><a href=#url-encoded-form-data><span class=secno>4.10.16.4 </span>URL-encoded form data</a></li>
+       <li><a href=#multipart-form-data><span class=secno>4.10.16.5 </span>Multipart form data</a></li>
+       <li><a href=#plain-text-form-data><span class=secno>4.10.16.6 </span>Plain text form data</a></ol></li>
+     <li><a href=#resetting-a-form><span class=secno>4.10.17 </span>Resetting a form</a></li>
+     <li><a href=#event-dispatch><span class=secno>4.10.18 </span>Event dispatch</a></ol></li>
    <li><a href=#interactive-elements><span class=secno>4.11 </span>Interactive elements</a>
     <ol>
      <li><a href=#the-details-element><span class=secno>4.11.1 </span>The <code>details</code> element</a></li>
@@ -1008,7 +1009,8 @@
      <li><a href=#the-meter-element-0><span class=secno>10.4.14 </span>The <code>meter</code> element</a></li>
      <li><a href=#the-progress-element-0><span class=secno>10.4.15 </span>The <code>progress</code> element</a></li>
      <li><a href=#the-select-element-0><span class=secno>10.4.16 </span>The <code>select</code> element</a></li>
-     <li><a href=#the-textarea-element-0><span class=secno>10.4.17 </span>The <code>textarea</code> element</a></ol></li>
+     <li><a href=#the-textarea-element-0><span class=secno>10.4.17 </span>The <code>textarea</code> element</a></li>
+     <li><a href=#the-keygen-element-0><span class=secno>10.4.18 </span>The <code>keygen</code> element</a></ol></li>
    <li><a href=#frames-and-framesets><span class=secno>10.5 </span>Frames and framesets</a></li>
    <li><a href=#interactive-media><span class=secno>10.6 </span>Interactive media</a>
     <ol>
@@ -33568,11 +33570,268 @@
 
 
 
-  <h4 id=the-output-element><span class=secno>4.10.11 </span>The <dfn><code>output</code></dfn> element</h4>
+  <h4 id=the-keygen-element><span class=secno>4.10.11 </span>The <dfn><code>keygen</code></dfn> element</h4>
 
   <dl class=element><dt>Categories</dt>
    <dd><a href=#flow-content-0>Flow content</a>.</dd>
    <dd><a href=#phrasing-content-0>Phrasing content</a>.</dd>
+   <dd><a href=#interactive-content-0>Interactive content</a>.</dd>
+   <dd><a href=#category-listed title=category-listed>Listed</a>, <a href=#category-label title=category-label>labelable</a>, <a href=#category-submit title=category-submit>submittable</a>, and <a href=#category-reset title=category-reset>resettable</a> <a href=#form-associated-element>form-associated element</a>.</dd>
+   <dt>Contexts in which this element may be used:</dt>
+   <dd>Where <a href=#phrasing-content-0>phrasing content</a> is expected.</dd>
+   <dt>Content model:</dt>
+   <dd>Empty.</dd>
+   <dt>Content attributes:</dt>
+   <dd><a href=#global-attributes>Global attributes</a></dd>
+   <dd><code title=attr-fe-autofocus><a href=#attr-fe-autofocus>autofocus</a></code></dd>
+   <dd><code title=attr-keygen-challenge><a href=#attr-keygen-challenge>challenge</a></code></dd>
+   <dd><code title=attr-fe-disabled><a href=#attr-fe-disabled>disabled</a></code></dd>
+   <dd><code title=attr-fae-form><a href=#attr-fae-form>form</a></code></dd>
+   <dd><code title=attr-keygen-keytype><a href=#attr-keygen-keytype>keytype</a></code></dd>
+   <dd><code title=attr-fe-name><a href=#attr-fe-name>name</a></code></dd>
+   <dt>DOM interface:</dt>
+   <dd>
+<pre class=idl>interface <dfn id=htmlkeygenelement>HTMLKeygenElement</dfn> : <a href=#htmlelement>HTMLElement</a> {
+           attribute boolean <a href=#dom-fe-autofocus title=dom-fe-autofocus>autofocus</a>;
+           attribute DOMString <a href=#dom-keygen-challenge title=dom-keygen-challenge>challenge</a>;
+           attribute boolean <a href=#dom-fe-disabled title=dom-fe-disabled>disabled</a>;
+  readonly attribute <a href=#htmlformelement>HTMLFormElement</a> <a href=#dom-fae-form title=dom-fae-form>form</a>;
+           attribute DOMString <a href=#dom-keygen-keytype title=dom-keygen-keytype>keytype</a>;
+           attribute DOMString <a href=#dom-fe-name title=dom-fe-name>name</a>;
+
+  readonly attribute DOMString <a href=#dom-keygen-type title=dom-keygen-type>type</a>;
+
+  readonly attribute boolean <a href=#dom-cva-willvalidate title=dom-cva-willValidate>willValidate</a>;
+  readonly attribute <a href=#validitystate>ValidityState</a> <a href=#dom-cva-validity title=dom-cva-validity>validity</a>;
+  readonly attribute DOMString <a href=#dom-cva-validationmessage title=dom-cva-validationMessage>validationMessage</a>;
+  boolean <a href=#dom-cva-checkvalidatity title=dom-cva-checkValidatity>checkValidity</a>();
+  void <a href=#dom-cva-setcustomvalidity title=dom-cva-setCustomValidity>setCustomValidity</a>(in DOMString error);
+
+  readonly attribute <span>NodeList</span> <a href=#dom-lfe-labels title=dom-lfe-labels>labels</a>;
+};</pre>
+   </dd> 
+  </dl><p>The <code><a href=#the-keygen-element>keygen</a></code> element <a href=#represents>represents</a> a key
+  pair generator control. When the control's form is submitted, the
+  private key is stored in the local keystore, and the public key is
+  packaged and sent to the server.</p>
+
+  <p>The <dfn id=attr-keygen-challenge title=attr-keygen-challenge><code>challenge</code></dfn> attribute
+  may be specified. Its value will be packaged with the submitted
+  key.</p>
+
+  <p>The <dfn id=attr-keygen-keytype title=attr-keygen-keytype><code>keytype</code></dfn>
+  attribute is an <a href=#enumerated-attribute>enumerated attribute</a>. The following
+  table lists the keywords and states for the attribute — the
+  keywords in the left column map to the states listed in the cell in
+  the second column on the same row as the keyword.</p>
+
+  <table><thead><tr><th> Keyword <th> State
+   <tbody><tr><td> <code title="">rsa</code>
+     <td> <i title="">RSA</i>
+  </table><p>The <i>invalid value default</i> state is the <i title="">unknown</i> state. The <i>missing value default</i> state
+  is the <i title="">RSA</i> state.</p>
+
+  <div class=impl>
+
+  <p>The user agent may expose a user interface for each
+  <code><a href=#the-keygen-element>keygen</a></code> element to allow the user to configure settings
+  of the element's key pair generator, e.g. the key length.</p>
+
+  <p>The <a href=#concept-form-reset-control title=concept-form-reset-control>reset
+  algorithm</a> for <code><a href=#the-keygen-element>keygen</a></code> elements is to set these
+  various configuration settings back to their defaults.</p>
+
+  <p>The element's <a href=#concept-fe-value title=concept-fe-value>value</a> is the
+  string returned from the following algorithm:</p>
+
+  <!-- XXXrefs:
+    [X690] http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+  -->
+
+  <ol><li>
+
+    <p>Use the appropriate step from the following list:</p>
+
+    <dl class=switch><!--
+
+     <dt>If the <code title="attr-keygen-keytype">keytype</code>
+     attribute is in the <i title="">EC</i> state</dt>
+
+     <dd>
+
+      <p>...
+
+     </dd>
+
+     http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg05902.html
+
+     --><dt>If the <code title=attr-keygen-keytype><a href=#attr-keygen-keytype>keytype</a></code>
+     attribute is in the <i title="">RSA</i> state</dt>
+
+     <dd>
+
+      <p>Generate an RSA key pair using the settings given by the
+      user, if appropriate.</p>
+
+      <p>Select an RSA signature algorithm from those listed in
+      section 7.2.1 ("RSA Signature Algorithm") of RFC2459. <a href=#refsRFC2459>[RFC2459]</a></p>
+
+     </dd>
+
+     <dt>Otherwise, the <code title=attr-keygen-keytype><a href=#attr-keygen-keytype>keytype</a></code> attribute is in the <i title="">unknown</i> state</dt>
+
+     <dd>
+
+      <p>The given key type is not supported. Return the empty string
+      and abort this algorithm.</p>
+
+     </dd>
+
+    </dl><p>Let <var title="">private key</var> be the generated private key.</p>
+
+    <p>Let <var title="">public key</var> be the generated public key.</p>
+
+    <p>Let <var title="">signature algorithm</var> be the selected
+    signature algorithm.</p>
+
+   </li>
+
+   <li>
+
+    <p>If the element has a <code title=attr-keygen-challenge><a href=#attr-keygen-challenge>challenge</a></code> attribute, then let
+    <var title="">challenge</var> be that attribute's value.
+    Otherwise, let <var title="">challenge</var> be the empty
+    string.</p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">algorithm</var> be an ASN.1 <code title="">AlgorithmIdentifier</code> structure as defined by
+    RFC2459, with the <code title="">algorithm</code> field giving the
+    ASN.1 OID used to identify <var title="">signature
+    algorithm</var>, using the OIDs defined in section 7.2 ("Signature
+    Algorithms") of RFC2459, and the <code title="">parameters</code>
+    field set up as required by RFC2459 for <code title="">AlgorithmIdentifier</code> structures for that
+    algorithm. <a href=#refsX690>[X690]</a> <a href=#refsRFC2459>[RFC2459]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">spki</var> be an ASN.1 <code title="">SubjectPublicKeyInfo</code> structure as defined by
+    RFC2459, with the <code title="">algorithm</code> field set to the
+    <var title="">algorithm</var> structure from the previous step,
+    and the <code title="">subjectPublicKey</code> field set to the
+    BIT STRING value resulting from ASN.1 DER encoding the <var title="">public key</var>. <a href=#refsX690>[X690]</a> <a href=#refsRFC2459>[RFC2459]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">publicKeyAndChallenge</var> be an ASN.1
+    <code><a href=#publickeyandchallenge>PublicKeyAndChallenge</a></code> structure as defined below,
+    with the <code title="">spki</code> field set to the <var title="">spki</var> structure from the previous step, and the
+    <code title="">challenge</code> field set to the string <var title="">challenge</var> obtained earlier. <a href=#refsX690>[X690]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">signature</var> be the BIT STRING value
+    resulting from ASN.1 DER encoding the signature generated by
+    applying the <var title="">signature algorithm</var> to the byte
+    string obtained by ASN.1 DER encoding the <var title="">publicKeyAndChallenge</var> structure, using <var title="">private key</var> as the signing key. <a href=#refsX690>[X690]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">signedPublicKeyAndChallenge</var> be an ASN.1
+    <code><a href=#signedpublickeyandchallenge>SignedPublicKeyAndChallenge</a></code> structure as defined
+    below, with the <code title="">publicKeyAndChallenge</code> field
+    set to the <var title="">publicKeyAndChallenge</var> structure,
+    the <code title="">signatureAlgorithm</code> field set to the <var title="">algorithm</var> structure, and the <code title="">signature</code> field set to the BIT STRING <var title="">signature</var> from the previous step. <a href=#refsX690>[X690]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Return the result of base64 encoding the result of ASN.1 DER
+    encoding the <var title="">signedPublicKeyAndChallenge</var>
+    structure. <a href=#refsRFC3548>[RFC3548]</a><!--base64--> <a href=#refsX690>[X690]</a></p>
+
+   </li>
+
+  </ol><p>The data objects used by the above algorithm are defined as
+  follows. These definitions use the same "ASN.1-like" syntax defined
+  by RFC2459. <a href=#refsRFC2459>[RFC2459]</a></p>
+
+  <pre class=asn><dfn id=publickeyandchallenge>PublicKeyAndChallenge</dfn> ::= SEQUENCE {
+    spki <span>SubjectPublicKeyInfo</span>,
+    challenge IA5STRING
+}
+
+<dfn id=signedpublickeyandchallenge>SignedPublicKeyAndChallenge</dfn> ::= SEQUENCE {
+    publicKeyAndChallenge <a href=#publickeyandchallenge>PublicKeyAndChallenge</a>,
+    signatureAlgorithm <span>AlgorithmIdentifier</span>,
+    signature BIT STRING
+}</pre>
+
+  <hr><p><strong>Constraint validation:</strong> The <code><a href=#the-keygen-element>keygen</a></code>
+  element is <a href=#barred-from-constraint-validation>barred from constraint validation</a>.</p>
+
+  </div>
+
+  <p>The <code title=attr-fae-form><a href=#attr-fae-form>form</a></code> attribute is used to
+  explicitly associate the <code><a href=#the-keygen-element>keygen</a></code> element with its
+  <a href=#form-owner>form owner</a>. The <code title=attr-fe-name><a href=#attr-fe-name>name</a></code>
+  attribute represents the element's name. The <code title=attr-fe-disabled><a href=#attr-fe-disabled>disabled</a></code> attribute is used to make
+  the control non-interactive and to prevent its value from being
+  submitted. The <code title=attr-fe-autofocus><a href=#attr-fe-autofocus>autofocus</a></code>
+  attribute controls focus.</p>
+
+  <dl class=domintro><dt><var title="">keygen</var> . <code title=attr-keygen-type>type</code></dt>
+
+   <dd>
+
+    <p>Returns the string "<code title="">keygen</code>".</p>
+
+   </dd>
+
+  </dl><div class=impl>
+
+  <p>The <dfn id=dom-keygen-challenge title=dom-keygen-challenge><code>challenge</code></dfn> and <dfn id=dom-keygen-keytype title=dom-keygen-keytype><code>keytype</code></dfn> DOM attributes
+  must <a href=#reflect>reflect</a> the respective content attributes of the
+  same name.</p>
+
+  <p>The <dfn id=dom-keygen-type title=dom-keygen-type><code>type</code></dfn> DOM
+  attribute must return the value "<code title="">keygen</code>".</p>
+
+  <p>The <code title=dom-cva-willValidate><a href=#dom-cva-willvalidate>willValidate</a></code>, <code title=dom-cva-validity><a href=#dom-cva-validity>validity</a></code>, and <code title=dom-cva-validationMessage><a href=#dom-cva-validationmessage>validationMessage</a></code>
+  attributes, and the <code title=dom-cva-checkValidatity><a href=#dom-cva-checkvalidatity>checkValidity()</a></code> and <code title=dom-cva-setCustomValidity><a href=#dom-cva-setcustomvalidity>setCustomValidity()</a></code>
+  methods, are part of the <a href=#the-constraint-validation-api>constraint validation API</a>. The
+  <code title=dom-lfe-labels><a href=#dom-lfe-labels>labels</a></code> attribute provides a list
+  of the element's <code><a href=#the-label-element>label</a></code>s.</p>
+
+  </div>
+
+  <p class=note>This specification does not specify how the private
+  key generated is to be used. It is expected that after receiving the
+  <code><a href=#signedpublickeyandchallenge>SignedPublicKeyAndChallenge</a></code> (SPKAC) structure, the
+  server will generate a client certificate and offer it back to the
+  user for download; this certificate, once downloaded and stored in
+  the key store along with the private key, can then be used to
+  authenticate to services that use SSL and certificate
+  authentication.</p>
+
+
+
+  <h4 id=the-output-element><span class=secno>4.10.12 </span>The <dfn><code>output</code></dfn> element</h4>
+
+  <dl class=element><dt>Categories</dt>
+   <dd><a href=#flow-content-0>Flow content</a>.</dd>
+   <dd><a href=#phrasing-content-0>Phrasing content</a>.</dd>
    <dd><a href=#category-listed title=category-listed>Listed</a> and <a href=#category-reset title=category-reset>resettable</a> <a href=#form-associated-element>form-associated element</a>.</dd>
    <dt>Contexts in which this element may be used:</dt>
    <dd>Where <a href=#phrasing-content-0>phrasing content</a> is expected.</dd>
@@ -33645,7 +33904,7 @@
   attribute.</p>
 
   <p>The <a href=#concept-form-reset-control title=concept-form-reset-control>reset
-  algorithm</a> for <code><a href=#the-textarea-element>textarea</a></code> elements is to set the
+  algorithm</a> for <code><a href=#the-output-element>output</a></code> elements is to set the
   element's <code><a href=#textcontent>textContent</a></code> DOM attribute to the value of the
   element's <code title=dom-output-defaultValue><a href=#dom-output-defaultvalue>defaultValue</a></code>
   DOM attribute (thus replacing the element's child nodes), and then
@@ -33716,7 +33975,7 @@
 
 
 
-  <h4 id=association-of-controls-and-forms><span class=secno>4.10.12 </span>Association of controls and forms</h4>
+  <h4 id=association-of-controls-and-forms><span class=secno>4.10.13 </span>Association of controls and forms</h4>
 
   <!-- XXX consider xreffing the 'ID' term in this section -->
 
@@ -33848,9 +34107,9 @@
 
 
 
-  <h4 id=attributes-common-to-form-controls><span class=secno>4.10.13 </span><dfn>Attributes common to form controls</dfn></h4>
+  <h4 id=attributes-common-to-form-controls><span class=secno>4.10.14 </span><dfn>Attributes common to form controls</dfn></h4>
 
-  <h5 id=naming-form-controls><span class=secno>4.10.13.1 </span>Naming form controls</h5>
+  <h5 id=naming-form-controls><span class=secno>4.10.14.1 </span>Naming form controls</h5>
 
   <p>The <dfn id=attr-fe-name title=attr-fe-name><code>name</code></dfn> content
   attribute gives the name of the form control, as used in <a href=#form-submission-0>form
@@ -33871,7 +34130,7 @@
   </div>
 
 
-  <h5 id=enabling-and-disabling-form-controls><span class=secno>4.10.13.2 </span>Enabling and disabling form controls</h5>
+  <h5 id=enabling-and-disabling-form-controls><span class=secno>4.10.14.2 </span>Enabling and disabling form controls</h5>
 
   <p>The <dfn id=attr-fe-disabled title=attr-fe-disabled><code>disabled</code></dfn>
   content attribute is a <a href=#boolean-attribute>boolean attribute</a>.</p>
@@ -33900,7 +34159,7 @@
 
   <div class=impl>
 
-  <h5 id="a-form-control's-value"><span class=secno>4.10.13.3 </span>A form control's value</h5>
+  <h5 id="a-form-control's-value"><span class=secno>4.10.14.3 </span>A form control's value</h5>
 
   <p>Form controls have a <dfn id=concept-fe-value title=concept-fe-value>value</dfn>
   and a <dfn id=concept-fe-checked title=concept-fe-checked>checkedness</dfn>. (The latter
@@ -33911,7 +34170,7 @@
 
 
 
-  <h5 id=autofocusing-a-form-control><span class=secno>4.10.13.4 </span>Autofocusing a form control</h5>
+  <h5 id=autofocusing-a-form-control><span class=secno>4.10.14.4 </span>Autofocusing a form control</h5>
 
   <p>The <dfn id=attr-fe-autofocus title=attr-fe-autofocus><code>autofocus</code></dfn>
   content attribute allows the user to indicate that a control is to
@@ -33958,7 +34217,7 @@
   </div>
 
 
-  <h5 id=limiting-user-input-length><span class=secno>4.10.13.5 </span>Limiting user input length</h5>
+  <h5 id=limiting-user-input-length><span class=secno>4.10.14.5 </span>Limiting user input length</h5>
 
   <p>A <dfn id=attr-fe-maxlength title=attr-fe-maxlength>form control <code title="">maxlength</code> attribute</dfn>, controlled by a <var title="">dirty value flag</var> declares a limit on the number of
   characters a user can input.</p>
@@ -33989,7 +34248,7 @@
 
 
 
-  <h5 id=form-submission><span class=secno>4.10.13.6 </span>Form submission</h5>
+  <h5 id=form-submission><span class=secno>4.10.14.6 </span>Form submission</h5>
 
   <p><dfn id=attributes-for-form-submission>Attributes for form submission</dfn> can be specified both
   on <code><a href=#the-form-element>form</a></code> elements and on <a href=#concept-submit-button title=concept-submit-button>submit button</a> (elements that
@@ -34117,9 +34376,9 @@
   
 
 
-  <h4 id=constraints><span class=secno>4.10.14 </span>Constraints</h4>
+  <h4 id=constraints><span class=secno>4.10.15 </span>Constraints</h4>
 
-  <h5 id=definitions><span class=secno>4.10.14.1 </span>Definitions</h5>
+  <h5 id=definitions><span class=secno>4.10.15.1 </span>Definitions</h5>
 
   <div class=impl>
 
@@ -34206,7 +34465,7 @@
 
   <div class=impl>
 
-  <h5 id=constraint-validation><span class=secno>4.10.14.2 </span>Constraint validation</h5>
+  <h5 id=constraint-validation><span class=secno>4.10.15.2 </span>Constraint validation</h5>
 
   <p>When the user agent is required to <dfn id=statically-validate-the-constraints>statically validate the
   constraints</dfn> of <code><a href=#the-form-element>form</a></code> element <var title="">form</var>, it must run the following steps, which return
@@ -34290,7 +34549,7 @@
 
 
 
-  <h5 id=the-constraint-validation-api><span class=secno>4.10.14.3 </span>The <dfn>constraint validation API</dfn></h5>
+  <h5 id=the-constraint-validation-api><span class=secno>4.10.15.3 </span>The <dfn>constraint validation API</dfn></h5>
 
   <dl class=domintro><dt><var title="">element</var> . <code title=dom-cva-willValidate><a href=#dom-cva-willvalidate>willValidate</a></code></dt>
 
@@ -34488,7 +34747,7 @@
 
   <div class=impl>
 
-  <h5 id=security-0><span class=secno>4.10.14.4 </span>Security</h5>
+  <h5 id=security-0><span class=secno>4.10.15.4 </span>Security</h5>
 
   <p>Servers should not rely on client-side validation. Client-side
   validation can be intentionally bypassed by hostile users, and
@@ -34502,11 +34761,11 @@
 
 
 
-  <h4 id=form-submission-0><span class=secno>4.10.15 </span><dfn>Form submission</dfn></h4>
+  <h4 id=form-submission-0><span class=secno>4.10.16 </span><dfn>Form submission</dfn></h4>
 
   <div class=impl>
 
-  <h5 id=introduction-0><span class=secno>4.10.15.1 </span>Introduction</h5>
+  <h5 id=introduction-0><span class=secno>4.10.16.1 </span>Introduction</h5>
 
   <p><em>This section is non-normative.</em></p>
 
@@ -34518,7 +34777,7 @@
 
   <div class=impl>
 
-  <h5 id=implicit-submission><span class=secno>4.10.15.2 </span>Implicit submission</h5>
+  <h5 id=implicit-submission><span class=secno>4.10.16.2 </span>Implicit submission</h5>
 
   <p>User agents may establish a <a href=#concept-button title=concept-button>button</a> in each form as being the
   form's <dfn id=default-button>default button</dfn>. This should be the first <a href=#concept-submit-button title=concept-submit-button>submit button</a> in <a href=#tree-order>tree
@@ -34547,7 +34806,7 @@
 
   <div class=impl>
 
-  <h5 id=form-submission-algorithm><span class=secno>4.10.15.3 </span>Form submission algorithm</h5>
+  <h5 id=form-submission-algorithm><span class=secno>4.10.16.3 </span>Form submission algorithm</h5>
 
   <p>When a form <var title="">form</var> is <dfn id=concept-form-submit title=concept-form-submit>submitted</dfn> from an element <var title="">submitter</var> (typically a button), the user agent must
   run the following steps:</p>
@@ -35078,7 +35337,7 @@
 
   <div class=impl>
 
-  <h5 id=url-encoded-form-data><span class=secno>4.10.15.4 </span>URL-encoded form data</h5>
+  <h5 id=url-encoded-form-data><span class=secno>4.10.16.4 </span>URL-encoded form data</h5>
 
   <p>The <dfn id=application/x-www-form-urlencoded-encoding-algorithm><code title="">application/x-www-form-urlencoded</code> encoding
   algorithm</dfn> is as follows:</p>
@@ -35175,7 +35434,7 @@
 
   <div class=impl>
 
-  <h5 id=multipart-form-data><span class=secno>4.10.15.5 </span>Multipart form data</h5>
+  <h5 id=multipart-form-data><span class=secno>4.10.16.5 </span>Multipart form data</h5>
 
   <p>The <dfn id=multipart/form-data-encoding-algorithm><code title="">multipart/form-data</code> encoding
   algorithm</dfn> is to encode the <var title="">form data set</var>
@@ -35197,7 +35456,7 @@
 
   <div class=impl>
 
-  <h5 id=plain-text-form-data><span class=secno>4.10.15.6 </span>Plain text form data</h5>
+  <h5 id=plain-text-form-data><span class=secno>4.10.16.6 </span>Plain text form data</h5>
 
   <p>The <dfn id=text/plain-encoding-algorithm><code title="">text/plain</code> encoding
   algorithm</dfn> is as follows:</p>
@@ -35256,7 +35515,7 @@
 
   <div class=impl>
 
-  <h4 id=resetting-a-form><span class=secno>4.10.16 </span>Resetting a form</h4>
+  <h4 id=resetting-a-form><span class=secno>4.10.17 </span>Resetting a form</h4>
 
   <p>When a form <var title="">form</var> is <dfn id=concept-form-reset title=concept-form-reset>reset</dfn>, the user agent must invoke
   the <a href=#concept-form-reset-control title=concept-form-reset-control>reset algorithm</a>
@@ -35277,7 +35536,7 @@
 
   <div class=impl>
 
-  <h4 id=event-dispatch><span class=secno>4.10.17 </span>Event dispatch</h4>
+  <h4 id=event-dispatch><span class=secno>4.10.18 </span>Event dispatch</h4>
 
   <p>When the user agent is to <dfn id=broadcast-forminput-events>broadcast <code title=event-forminput>forminput</code> events</dfn> or
   <dfn id=broadcast-formchange-events>broadcast <code title=event-formchange>formchange</code>
@@ -55440,7 +55699,8 @@
    </dd>
 
    <dt>A start tag whose tag name is one of: "area", "basefont",
-   "bgsound", "br", "embed", "img", "input", "spacer", "wbr"</dt>
+   "bgsound", "br", "embed", "img", "input", "keygen", "spacer",
+   "wbr"</dt>
    <dd>
 
     <p><a href=#reconstruct-the-active-formatting-elements>Reconstruct the active formatting elements</a>, if
@@ -55564,15 +55824,6 @@
 
    </dd>
 
-<!-- XXX keygen support; don't forget form element pointer!
-     Search for 'keygen' elsewhere in the spec when doing this.
-
-   <dt>A start tag whose tag name is "keygen"</dt>
-   <dd>
-    ...
-   </dd>
--->
-
    <dt>A start tag whose tag name is "textarea"</dt>
    <dd>
 
@@ -55768,10 +56019,9 @@
    "thead", "tr"</dt>
    <!--<dt>An end tag whose tag name is one of: "area", "base",
    "basefont", "bgsound", "command", "embed", "hr", "iframe", "image",
-   "img", "input", "isindex", "link", "meta", "noembed", "noframes",
-   "param", "script", "select", "source", "spacer", "style", "table",
-   "textarea", "title", "wbr"</dt>--> <!-- add keygen if we add the
-   start tag -->
+   "img", "input", "isindex", "keygen", "link", "meta", "noembed",
+   "noframes", "param", "script", "select", "source", "spacer",
+   "style", "table", "textarea", "title", "wbr"</dt>-->
    <!--<dt>An end tag whose tag name is "noscript", if the
    <span>scripting flag</span> is enabled</dt>-->
    <dd>
@@ -57491,13 +57741,13 @@
         <code><a href=#the-area-element>area</a></code>, <code><a href=#the-base-element>base</a></code>, <code>basefont</code>,
         <code>bgsound</code>, <code><a href=#the-br-element>br</a></code>, <code><a href=#the-col-element>col</a></code>,
         <code><a href=#the-embed-element>embed</a></code>, <code>frame</code>, <code><a href=#the-hr-element>hr</a></code>,
-        <code><a href=#the-img-element>img</a></code>, <code><a href=#the-input-element>input</a></code>, <code><a href=#the-link-element>link</a></code>,
-        <code><a href=#meta>meta</a></code>, <code><a href=#the-param-element>param</a></code>, <code>spacer</code>, or
-        <code>wbr</code> element, then continue on to the next child
-        node at this point.</p> <!-- also, i guess: image, isindex,
-        and keygen, but we don't list those because we don't consider
-        those "elements", more "macros", and thus we should never
-        serialize them -->
+        <code><a href=#the-img-element>img</a></code>, <code><a href=#the-input-element>input</a></code>, <code><a href=#the-keygen-element>keygen</a></code>,
+        <code><a href=#the-link-element>link</a></code>, <code><a href=#meta>meta</a></code>, <code><a href=#the-param-element>param</a></code>,
+        <code>spacer</code>, or <code>wbr</code> element, then
+        continue on to the next child node at this point.</p> <!--
+        also, i guess: image and isindex, but we don't list those
+        because we don't consider those "elements", more "macros", and
+        thus we should never serialize them -->
 
         <p>If <var title="">current node</var> is a <code><a href=#the-pre-element>pre</a></code>,
         <code><a href=#the-textarea-element>textarea</a></code>, or <code>listing</code> element, append
@@ -61029,7 +61279,7 @@
 
   <pre class=css>@namespace url(http://www.w3.org/1999/xhtml);
 
-table, input, select, option, optgroup, button, textarea<!--, keygen --> {
+table, input, select, option, optgroup, button, textarea, keygen {
   text-indent: initial;
 }</pre>
 
@@ -61817,6 +62067,19 @@
 
 
 
+  <h4 id=the-keygen-element-0><span class=secno>10.4.18 </span>The <code><a href=#the-keygen-element>keygen</a></code> element</h4>
+
+  <pre class=css>@namespace url(http://www.w3.org/1999/xhtml);
+
+keygen { binding: <i title="">keygen</i>; }</pre>
+
+  <p>When the <i title="">keygen</i> binding applies to a
+  <code><a href=#the-keygen-element>keygen</a></code> element, the element is expected to render as an
+  'inline-block' box containing a user interface to configure the key
+  pair to be generated.</p>
+
+
+
   <h3 id=frames-and-framesets><span class=secno>10.5 </span>Frames and framesets</h3>
 
   <p>When an <code><a href=#the-html-element>html</a></code> element's second child element is a
@@ -62826,6 +63089,7 @@
   Lachlan Hunt,
   Larry Page,
   Lars Gunther<!-- Keryx Web -->,
+  Lars Sunberg<!-- surname uncertain -->,
   Laura L. Carlson,
   Laura Wisewell,
   Laurens Holst,
@@ -62965,6 +63229,7 @@
   Wladimir Palant,
   Wolfram Kriesing,
   Yi-An Huang,
+  Yngve Nysaeter Pettersen,
   Zhenbin Xu,
   and
   Øistein E. Andersen,

Modified: source
===================================================================
--- source	2009-04-06 08:24:27 UTC (rev 2959)
+++ source	2009-04-07 03:48:37 UTC (rev 2960)
@@ -37662,6 +37662,317 @@
 
 
 
+  <h4>The <dfn><code>keygen</code></dfn> element</h4>
+
+  <dl class="element">
+   <dt>Categories</dt>
+   <dd><span>Flow content</span>.</dd>
+   <dd><span>Phrasing content</span>.</dd>
+   <dd><span>Interactive content</span>.</dd>
+   <dd><span title="category-listed">Listed</span>, <span title="category-label">labelable</span>, <span title="category-submit">submittable</span>, and <span title="category-reset">resettable</span> <span>form-associated element</span>.</dd>
+   <dt>Contexts in which this element may be used:</dt>
+   <dd>Where <span>phrasing content</span> is expected.</dd>
+   <dt>Content model:</dt>
+   <dd>Empty.</dd>
+   <dt>Content attributes:</dt>
+   <dd><span>Global attributes</span></dd>
+   <dd><code title="attr-fe-autofocus">autofocus</code></dd>
+   <dd><code title="attr-keygen-challenge">challenge</code></dd>
+   <dd><code title="attr-fe-disabled">disabled</code></dd>
+   <dd><code title="attr-fae-form">form</code></dd>
+   <dd><code title="attr-keygen-keytype">keytype</code></dd>
+   <dd><code title="attr-fe-name">name</code></dd>
+   <dt>DOM interface:</dt>
+   <dd>
+<pre class="idl">interface <dfn>HTMLKeygenElement</dfn> : <span>HTMLElement</span> {
+           attribute boolean <span title="dom-fe-autofocus">autofocus</span>;
+           attribute DOMString <span title="dom-keygen-challenge">challenge</span>;
+           attribute boolean <span title="dom-fe-disabled">disabled</span>;
+  readonly attribute <span>HTMLFormElement</span> <span title="dom-fae-form">form</span>;
+           attribute DOMString <span title="dom-keygen-keytype">keytype</span>;
+           attribute DOMString <span title="dom-fe-name">name</span>;
+
+  readonly attribute DOMString <span title="dom-keygen-type">type</span>;
+
+  readonly attribute boolean <span title="dom-cva-willValidate">willValidate</span>;
+  readonly attribute <span>ValidityState</span> <span title="dom-cva-validity">validity</span>;
+  readonly attribute DOMString <span title="dom-cva-validationMessage">validationMessage</span>;
+  boolean <span title="dom-cva-checkValidatity">checkValidity</span>();
+  void <span title="dom-cva-setCustomValidity">setCustomValidity</span>(in DOMString error);
+
+  readonly attribute <span>NodeList</span> <span title="dom-lfe-labels">labels</span>;
+};</pre>
+   </dd> 
+  </dl>
+
+  <p>The <code>keygen</code> element <span>represents</span> a key
+  pair generator control. When the control's form is submitted, the
+  private key is stored in the local keystore, and the public key is
+  packaged and sent to the server.</p>
+
+  <p>The <dfn
+  title="attr-keygen-challenge"><code>challenge</code></dfn> attribute
+  may be specified. Its value will be packaged with the submitted
+  key.</p>
+
+  <p>The <dfn title="attr-keygen-keytype"><code>keytype</code></dfn>
+  attribute is an <span>enumerated attribute</span>. The following
+  table lists the keywords and states for the attribute — the
+  keywords in the left column map to the states listed in the cell in
+  the second column on the same row as the keyword.</p>
+
+  <table>
+   <thead> <tr> <th> Keyword <th> State
+   <tbody>
+    <tr>
+     <td> <code title="">rsa</code>
+     <td> <i title="">RSA</i>
+  </table>
+
+  <p>The <i>invalid value default</i> state is the <i
+  title="">unknown</i> state. The <i>missing value default</i> state
+  is the <i title="">RSA</i> state.</p>
+
+  <div class="impl">
+
+  <p>The user agent may expose a user interface for each
+  <code>keygen</code> element to allow the user to configure settings
+  of the element's key pair generator, e.g. the key length.</p>
+
+  <p>The <span title="concept-form-reset-control">reset
+  algorithm</span> for <code>keygen</code> elements is to set these
+  various configuration settings back to their defaults.</p>
+
+  <p>The element's <span title="concept-fe-value">value</span> is the
+  string returned from the following algorithm:</p>
+
+  <!-- XXXrefs:
+    [X690] http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+  -->
+
+  <ol>
+
+   <li>
+
+    <p>Use the appropriate step from the following list:</p>
+
+    <dl class="switch">
+
+     <!--
+
+     <dt>If the <code title="attr-keygen-keytype">keytype</code>
+     attribute is in the <i title="">EC</i> state</dt>
+
+     <dd>
+
+      <p>...
+
+     </dd>
+
+     http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg05902.html
+
+     -->
+
+     <dt>If the <code title="attr-keygen-keytype">keytype</code>
+     attribute is in the <i title="">RSA</i> state</dt>
+
+     <dd>
+
+      <p>Generate an RSA key pair using the settings given by the
+      user, if appropriate.</p>
+
+      <p>Select an RSA signature algorithm from those listed in
+      section 7.2.1 ("RSA Signature Algorithm") of RFC2459. <a
+      href="#refsRFC2459">[RFC2459]</a></p>
+
+     </dd>
+
+     <dt>Otherwise, the <code
+     title="attr-keygen-keytype">keytype</code> attribute is in the <i
+     title="">unknown</i> state</dt>
+
+     <dd>
+
+      <p>The given key type is not supported. Return the empty string
+      and abort this algorithm.</p>
+
+     </dd>
+
+    </dl>
+
+    <p>Let <var title="">private key</var> be the generated private key.</p>
+
+    <p>Let <var title="">public key</var> be the generated public key.</p>
+
+    <p>Let <var title="">signature algorithm</var> be the selected
+    signature algorithm.</p>
+
+   </li>
+
+   <li>
+
+    <p>If the element has a <code
+    title="attr-keygen-challenge">challenge</code> attribute, then let
+    <var title="">challenge</var> be that attribute's value.
+    Otherwise, let <var title="">challenge</var> be the empty
+    string.</p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">algorithm</var> be an ASN.1 <code
+    title="">AlgorithmIdentifier</code> structure as defined by
+    RFC2459, with the <code title="">algorithm</code> field giving the
+    ASN.1 OID used to identify <var title="">signature
+    algorithm</var>, using the OIDs defined in section 7.2 ("Signature
+    Algorithms") of RFC2459, and the <code title="">parameters</code>
+    field set up as required by RFC2459 for <code
+    title="">AlgorithmIdentifier</code> structures for that
+    algorithm. <a href="#refsX690">[X690]</a> <a
+    href="#refsRFC2459">[RFC2459]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">spki</var> be an ASN.1 <code
+    title="">SubjectPublicKeyInfo</code> structure as defined by
+    RFC2459, with the <code title="">algorithm</code> field set to the
+    <var title="">algorithm</var> structure from the previous step,
+    and the <code title="">subjectPublicKey</code> field set to the
+    BIT STRING value resulting from ASN.1 DER encoding the <var
+    title="">public key</var>. <a href="#refsX690">[X690]</a> <a
+    href="#refsRFC2459">[RFC2459]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">publicKeyAndChallenge</var> be an ASN.1
+    <code>PublicKeyAndChallenge</code> structure as defined below,
+    with the <code title="">spki</code> field set to the <var
+    title="">spki</var> structure from the previous step, and the
+    <code title="">challenge</code> field set to the string <var
+    title="">challenge</var> obtained earlier. <a
+    href="#refsX690">[X690]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">signature</var> be the BIT STRING value
+    resulting from ASN.1 DER encoding the signature generated by
+    applying the <var title="">signature algorithm</var> to the byte
+    string obtained by ASN.1 DER encoding the <var
+    title="">publicKeyAndChallenge</var> structure, using <var
+    title="">private key</var> as the signing key. <a
+    href="#refsX690">[X690]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Let <var title="">signedPublicKeyAndChallenge</var> be an ASN.1
+    <code>SignedPublicKeyAndChallenge</code> structure as defined
+    below, with the <code title="">publicKeyAndChallenge</code> field
+    set to the <var title="">publicKeyAndChallenge</var> structure,
+    the <code title="">signatureAlgorithm</code> field set to the <var
+    title="">algorithm</var> structure, and the <code
+    title="">signature</code> field set to the BIT STRING <var
+    title="">signature</var> from the previous step. <a
+    href="#refsX690">[X690]</a></p>
+
+   </li>
+
+   <li>
+
+    <p>Return the result of base64 encoding the result of ASN.1 DER
+    encoding the <var title="">signedPublicKeyAndChallenge</var>
+    structure. <a href="#refsRFC3548">[RFC3548]</a><!--base64--> <a
+    href="#refsX690">[X690]</a></p>
+
+   </li>
+
+  </ol>
+
+  <p>The data objects used by the above algorithm are defined as
+  follows. These definitions use the same "ASN.1-like" syntax defined
+  by RFC2459. <a href="#refsRFC2459">[RFC2459]</a></p>
+
+  <pre class="asn"><dfn>PublicKeyAndChallenge</dfn> ::= SEQUENCE {
+    spki <span>SubjectPublicKeyInfo</span>,
+    challenge IA5STRING
+}
+
+<dfn>SignedPublicKeyAndChallenge</dfn> ::= SEQUENCE {
+    publicKeyAndChallenge <span>PublicKeyAndChallenge</span>,
+    signatureAlgorithm <span>AlgorithmIdentifier</span>,
+    signature BIT STRING
+}</pre>
+
+  <hr>
+
+  <p><strong>Constraint validation:</strong> The <code>keygen</code>
+  element is <span>barred from constraint validation</span>.</p>
+
+  </div>
+
+  <p>The <code title="attr-fae-form">form</code> attribute is used to
+  explicitly associate the <code>keygen</code> element with its
+  <span>form owner</span>. The <code title="attr-fe-name">name</code>
+  attribute represents the element's name. The <code
+  title="attr-fe-disabled">disabled</code> attribute is used to make
+  the control non-interactive and to prevent its value from being
+  submitted. The <code title="attr-fe-autofocus">autofocus</code>
+  attribute controls focus.</p>
+
+  <dl class="domintro">
+
+   <dt><var title="">keygen</var> . <code title="attr-keygen-type">type</code></dt>
+
+   <dd>
+
+    <p>Returns the string "<code title="">keygen</code>".</p>
+
+   </dd>
+
+  </dl>
+
+  <div class="impl">
+
+  <p>The <dfn
+  title="dom-keygen-challenge"><code>challenge</code></dfn> and <dfn
+  title="dom-keygen-keytype"><code>keytype</code></dfn> DOM attributes
+  must <span>reflect</span> the respective content attributes of the
+  same name.</p>
+
+  <p>The <dfn title="dom-keygen-type"><code>type</code></dfn> DOM
+  attribute must return the value "<code title="">keygen</code>".</p>
+
+  <p>The <code title="dom-cva-willValidate">willValidate</code>, <code
+  title="dom-cva-validity">validity</code>, and <code
+  title="dom-cva-validationMessage">validationMessage</code>
+  attributes, and the <code
+  title="dom-cva-checkValidatity">checkValidity()</code> and <code
+  title="dom-cva-setCustomValidity">setCustomValidity()</code>
+  methods, are part of the <span>constraint validation API</span>. The
+  <code title="dom-lfe-labels">labels</code> attribute provides a list
+  of the element's <code>label</code>s.</p>
+
+  </div>
+
+  <p class="note">This specification does not specify how the private
+  key generated is to be used. It is expected that after receiving the
+  <code>SignedPublicKeyAndChallenge</code> (SPKAC) structure, the
+  server will generate a client certificate and offer it back to the
+  user for download; this certificate, once downloaded and stored in
+  the key store along with the private key, can then be used to
+  authenticate to services that use SSL and certificate
+  authentication.</p>
+
+
+
   <h4>The <dfn><code>output</code></dfn> element</h4>
 
   <dl class="element">
@@ -37750,7 +38061,7 @@
   attribute.</p>
 
   <p>The <span title="concept-form-reset-control">reset
-  algorithm</span> for <code>textarea</code> elements is to set the
+  algorithm</span> for <code>output</code> elements is to set the
   element's <code>textContent</code> DOM attribute to the value of the
   element's <code title="dom-output-defaultValue">defaultValue</code>
   DOM attribute (thus replacing the element's child nodes), and then
@@ -67994,7 +68305,8 @@
    </dd>
 
    <dt>A start tag whose tag name is one of: "area", "basefont",
-   "bgsound", "br", "embed", "img", "input", "spacer", "wbr"</dt>
+   "bgsound", "br", "embed", "img", "input", "keygen", "spacer",
+   "wbr"</dt>
    <dd>
 
     <p><span>Reconstruct the active formatting elements</span>, if
@@ -68120,15 +68432,6 @@
 
    </dd>
 
-<!-- XXX keygen support; don't forget form element pointer!
-     Search for 'keygen' elsewhere in the spec when doing this.
-
-   <dt>A start tag whose tag name is "keygen"</dt>
-   <dd>
-    ...
-   </dd>
--->
-
    <dt>A start tag whose tag name is "textarea"</dt>
    <dd>
 
@@ -68332,10 +68635,9 @@
    "thead", "tr"</dt>
    <!--<dt>An end tag whose tag name is one of: "area", "base",
    "basefont", "bgsound", "command", "embed", "hr", "iframe", "image",
-   "img", "input", "isindex", "link", "meta", "noembed", "noframes",
-   "param", "script", "select", "source", "spacer", "style", "table",
-   "textarea", "title", "wbr"</dt>--> <!-- add keygen if we add the
-   start tag -->
+   "img", "input", "isindex", "keygen", "link", "meta", "noembed",
+   "noframes", "param", "script", "select", "source", "spacer",
+   "style", "table", "textarea", "title", "wbr"</dt>-->
    <!--<dt>An end tag whose tag name is "noscript", if the
    <span>scripting flag</span> is enabled</dt>-->
    <dd>
@@ -70228,13 +70530,13 @@
         <code>area</code>, <code>base</code>, <code>basefont</code>,
         <code>bgsound</code>, <code>br</code>, <code>col</code>,
         <code>embed</code>, <code>frame</code>, <code>hr</code>,
-        <code>img</code>, <code>input</code>, <code>link</code>,
-        <code>meta</code>, <code>param</code>, <code>spacer</code>, or
-        <code>wbr</code> element, then continue on to the next child
-        node at this point.</p> <!-- also, i guess: image, isindex,
-        and keygen, but we don't list those because we don't consider
-        those "elements", more "macros", and thus we should never
-        serialize them -->
+        <code>img</code>, <code>input</code>, <code>keygen</code>,
+        <code>link</code>, <code>meta</code>, <code>param</code>,
+        <code>spacer</code>, or <code>wbr</code> element, then
+        continue on to the next child node at this point.</p> <!--
+        also, i guess: image and isindex, but we don't list those
+        because we don't consider those "elements", more "macros", and
+        thus we should never serialize them -->
 
         <p>If <var title="">current node</var> is a <code>pre</code>,
         <code>textarea</code>, or <code>listing</code> element, append
@@ -71829,7 +72131,7 @@
 
   <pre class="css">@namespace url(http://www.w3.org/1999/xhtml);
 
-table, input, select, option, optgroup, button, textarea<!--, keygen --> {
+table, input, select, option, optgroup, button, textarea, keygen {
   text-indent: initial;
 }</pre>
 
@@ -72724,6 +73026,19 @@
 
 
 
+  <h4>The <code>keygen</code> element</h4>
+
+  <pre class="css">@namespace url(http://www.w3.org/1999/xhtml);
+
+keygen { binding: <i title="">keygen</i>; }</pre>
+
+  <p>When the <i title="">keygen</i> binding applies to a
+  <code>keygen</code> element, the element is expected to render as an
+  'inline-block' box containing a user interface to configure the key
+  pair to be generated.</p>
+
+
+
   <h3>Frames and framesets</h3>
 
   <p>When an <code>html</code> element's second child element is a
@@ -73842,6 +74157,7 @@
   Lachlan Hunt,
   Larry Page,
   Lars Gunther<!-- Keryx Web -->,
+  Lars Sunberg<!-- surname uncertain -->,
   Laura L. Carlson,
   Laura Wisewell,
   Laurens Holst,
@@ -73981,6 +74297,7 @@
   Wladimir Palant,
   Wolfram Kriesing,
   Yi-An Huang,
+  Yngve Nysaeter Pettersen,
   Zhenbin Xu,
   and
   Øistein E. Andersen,




More information about the Commit-Watchers mailing list