[whatwg] Browser Signature Standards Proposal

Channy Yun channy at creation.net
Tue Oct 31 10:24:08 PST 2006


Anders and all,

As I said in other thread, I think digital signature must be
standardized for secure and legal assurance of form data and I respect
your issuing and great jobs. But, we can simply think this issue in
range of this group. Most of forms directly go to web server via
urlencoded. If some indicators are given, browsers can execute signing
process.

For example,

<form name="sendmoney" action="/send.cgi" signed="signed">
<input type="text" name="dollars" value="3.00">
<input type="text" name="account" values="1234567890">
<input type="submt" value="Sending Money!">
</form>

When an user clicks submit button, the dialog box will be opened for
selecting the private certificates to be signed. Server can understand
form data and attached signatures signed by browser via SSL.

Or it can be applied each forms.

 <input type="text" name="dollars" value="3.00" signed="signed">

Anyway it is browser's the function of digital signature such as
sign.Text() function. This idea make possible to handle easily them
via form.

Channy


On 9/3/06, Anders Rundgren <anders.rundgren at telia.com> wrote:
> F.Y.I.
>
> I'm sorry about WASP, I was not aware of your activities when I created
> the Web Activated Signature Protocol.
>
> Background:
> http://middleware.internet2.edu/pki06/proceedings/rundgren-websigning.ppt
>
> Minimal technical description:
> http://webpki.org/WASP-tutorial.pdf
>
> The works:
> http://webpki.org/WASP-specifications-2006-08-26.zip
>
> There is [much] more if somebody is interested.
>
> Anders Rundgren
>
>
>
>



More information about the whatwg mailing list