[whatwg] <keygen>
Story Henry
henry.story at bblfish.net
Thu Jan 8 15:28:44 PST 2009
Dear WhatWG,
I just subscribed to this list having noticed a thread earlier this
month on the topic of the <keygen> tag. As it happens we are working
on a protocol
foaf+ssl where keygen turns out to be extremely useful. It allows us
to create web services to give people very secure certificates which
can then be used to build a secure distributed social network based on
a web of trust.
The foaf+ssl protocol works as it happens with most existing browsers
- though we have not done a detailed study of this yet (if people
could help this would be greatly appreciated). The protocol is
summarized here:
http://www.w3.org/2008/09/msnws/papers/foaf+ssl.html
And you can find more on my blog at http://blogs.sun.com/bblfish .
The discussion on <keygen> which produces spkac public keys which it
sends to the server can be found on the foaf-protocols mailing list
archive under 'spkac'
http://lists.foaf-project.org/pipermail/foaf-protocols/2009-January/date.html
To tell you the truth I just discovered this tag recently myself,
wrote some code to test that it worked, found it to work on Opera,
Netscape, and Firefox, though it works slightly differently on each
platform.
http://lists.foaf-project.org/pipermail/foaf-protocols/2009-January/000153.html
I also put up a page on wikipedia:
http://en.wikipedia.org/wiki/Spkac
So please do keep the tag, and perhaps work on making it easier to
work with.
Henry
Blog: http://blogs.sun.com/bblfish
Ian Hickson wrote on January 6 2009:
> Over the years, several people (most of them bcc'ed) have asked for
> HTML5 to include a definition of <keygen>. Some have even gone as
> far as finding documentation on the element -- thank you. As I
> understand it based on the documentation, <keygen> basically
> generates a public/private asymmetric cryptographic key pair, and
> then sends the public component as its form value. Unfortunately,
> this seems completely and utterly useless, as at no point does there
> seem to be any way to ever use the private component either for
> signing or for decrypting anything, nor does there appear to be a
> way to use the certificate for authentication. Without further
> information along these lines describing how to actually make
> practical use of the element, I do not intend to document <keygen>
> in the HTML5 specification. If anyone can fill in these holes that
> would be very helpful. Cheers,
More information about the whatwg
mailing list