derhoermi at gmx.net
Tue Jan 6 05:16:04 PST 2009
* Ian Hickson wrote:
>Over the years, several people (most of them bcc'ed) have asked for HTML5
>to include a definition of <keygen>. Some have even gone as far as finding
>documentation on the element -- thank you.
>As I understand it based on the documentation, <keygen> basically
>generates a public/private asymmetric cryptographic key pair, and then
>sends the public component as its form value.
>Unfortunately, this seems completely and utterly useless, as at no point
>does there seem to be any way to ever use the private component either for
>signing or for decrypting anything, nor does there appear to be a way to
>use the certificate for authentication.
You don't say which documentation you read, but the original Netscape
documentation was rather clear that the private component is stored in
the local keystore, and from there you can of course use it when a site
requests that you identify yourself with a certificate.
http://developer.netscape.com/docs/manuals/htmlguid/tags10.htm once had:
The KEYGEN tag facilitates the generation of key material and
submission of the public key as part of an HTML form. This mechanism
is designed for use in web-based certificate management systems. It
displays a menu of key-size choices from which the user must choose
one. Then, when the submit button is clicked, a key pair of the
selected size is generated. The private key is encrypted and stored in
the local key database.
Björn Höhrmann · mailto:bjoern at hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
More information about the whatwg