[whatwg] The <keygen> element
anders.rundgren at telia.com
Fri Apr 17 14:42:37 PDT 2009
I understand what you are saying, but without a "buy-in" from
Microsoft there is little point in elevating <keygen> to some kind
of standard since it will fail in the majority of cases.
Anyway, it seems that the security people are uninterested in
on-line key provisioning so you can go ahead without regrets :-)
As a web-CA writer I know that I will have to check User-Agent
etc. because this isn't going to be _the_ solution :-(
When you have added the missing 5-10 attributes including repeated
keys (!) to reach generateCRMFRequest level (easy according to Nelson...)
please give drop me a line :-)
----- Original Message -----
From: "Jonas Sicking" <jonas at sicking.cc>
To: "Anders Rundgren" <anders.rundgren at telia.com>
Cc: <whatwg at lists.whatwg.org>; "Nelson B Bolyard" <nelson at bolyard.me>;
<dev-tech-crypto at lists.mozilla.org>
Sent: Friday, April 17, 2009 23:16
Subject: Re: [whatwg] The <keygen> element
On Thu, Apr 16, 2009 at 9:22 PM, Anders Rundgren
<anders.rundgren at telia.com> wrote:
> "Nelson B Bolyard" wrote [to the WHATWG list]:
> Based on WHATWG comments, this it is not really about standardization
> but about documenting the current practice for key generation in the HTML
> layer without comparing this to other ways of achieving the similar goals
> scope AFAICT.
The <keygen> discussion is not about creating a new standard, that is
correct. It is about standardizing current practices that are required
by *todays* browsers in order to be compatible with the web and thus
considered by users.
As for coming up with a new, better standard for accomplishing what
keygen was originally envisioned to do, way back when, I think this
would be a great idea.
Nothing is out of scope for such a new standard. However the
apropriate standards organization and working group should be used. So
the webapps wg in w3c, or some security related standards org seems
more apropriate than whatwg.
If on the other hand a new HTML element is proposed, then this list
seems like a fine place for such a discussion.
Hope that makes sense?
More information about the whatwg