mart at degeneration.co.uk
Tue Jan 6 11:51:54 PST 2009
Maciej Stachowiak wrote:
> In the case of Safari, we store the generated private key in the
> Keychain, and sites using <keygen> typically respond with a signed
> certificate, which is downloaded and automatically added to the
> Keychain. Depending on the valid purposes of the key, users can then do
> the following automatically:
> 1) Browse to SSL sites that require client-side certificates for
> authentication, in Safari.
In case it's useful, an example of the above use-case is
http://www.myopenid.com/ , which is an OpenID provider that can use SSL
client certs for authentication. The client certs are initially issued
I personally use it in Opera and Firefox, and they act in a similar way
to what you describe for Safari.
More information about the whatwg