sunberg at gmail.com
Tue Jan 6 05:12:23 PST 2009
I have written some documentation on this before, and I have already
published it to this mailing list. You can find it at
its nowhere to be found....
The private/public keypair generated with the keygen tag is only
useful if you have configured your webserver to only allow
certificates signed by your CA. I know of a few netbanks that does it
this way. Its a very secure solution!
If you want, I can send you some more php code of how I implemented
this in one of my projects. I can also make a little test-case if that
would be better..
Thanks for bringing up this subject again!
On Tue, Jan 6, 2009 at 1:40 PM, Ian Hickson <ian at hixie.ch> wrote:
> Over the years, several people (most of them bcc'ed) have asked for HTML5
> to include a definition of <keygen>. Some have even gone as far as finding
> documentation on the element -- thank you.
> As I understand it based on the documentation, <keygen> basically
> generates a public/private asymmetric cryptographic key pair, and then
> sends the public component as its form value.
> Unfortunately, this seems completely and utterly useless, as at no point
> does there seem to be any way to ever use the private component either for
> signing or for decrypting anything, nor does there appear to be a way to
> use the certificate for authentication.
> Without further information along these lines describing how to actually
> make practical use of the element, I do not intend to document <keygen> in
> the HTML5 specification. If anyone can fill in these holes that would be
> very helpful.
> Ian Hickson U+1047E )\._.,--....,'``. fL
> http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
> Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
More information about the whatwg